cve/2019/CVE-2019-19945.md

### [CVE-2019-19945](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19945)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large negative Content-Length value.

### POC

#### Reference
- https://github.com/openwrt/openwrt/commits/master
- https://github.com/openwrt/openwrt/commits/master
- https://openwrt.org/advisory/2020-01-13-1
- https://openwrt.org/advisory/2020-01-13-1

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/PoC-List
- https://github.com/delicateByte/CVE-2019-19945_Test
- https://github.com/mclab-hbrs/openwrt-dos-poc