CVE-2019-12272
In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability.
Date published : 2019-05-23
https://github.com/openwrt/luci/commit/9e4b8a91384562e3baee724a52b72e30b1aa006d