{
  "affected": [
    {
      "database_specific": {
        "unresolved_ranges": [
          {
            "events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "18-06\\.4"
              }
            ]
          }
        ]
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "f8c6eb67cd9da09ee20248fec6ab742069635e47"
            }
          ],
          "repo": "https://github.com/openwrt/luci",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "f8c6eb67cd9da09ee20248fec6ab742069635e47"
            }
          ],
          "repo": "https://github.com/openwrt/luci",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/.",
  "id": "CVE-2019-17367",
  "modified": "2026-03-13T21:51:19.641289011Z",
  "published": "2019-10-18T17:15:10.343Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/openwrt/luci/commit/f8c6eb67cd9da09ee20248fec6ab742069635e47"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}