Vulners
Lucene search
CVE-2024-54143 openwrt/asu allows build artifact poisoning via truncated SHA-256 hash and command injection
| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
 | The vulnerability of the Attended SysUpgrade function of the sysupgrade.openwrt.org service allows a malicious actor to create a specially crafted malware image signed with a legitimate key. | 11 Dec 202400:00 | – | bdu_fstec |
 | CVE-2024-54143 | 6 Dec 202416:25 | – | circl |
 | OpenWrt 安全漏洞 | 6 Dec 202400:00 | – | cnnvd |
 | CVE-2024-54143 | 6 Dec 202416:14 | – | cve |
 | EUVD-2024-52312 | 3 Oct 202520:07 | – | euvd |
 | CVE-2024-54143 | 6 Dec 202417:15 | – | nvd |
 | Security Advisory 2024-12-06-1 - OpenWrt Attended SysUpgrade server: Build artifact poisoning via truncated SHA-256 hash and command injection (CVE-2024-54143) | 6 Dec 202400:00 | – | openwrt |
 | CVE-2024-54143 openwrt/asu allows build artifact poisoning via truncated SHA-256 hash and command injection | 6 Dec 202416:14 | – | osv |
 | CVE-2024-54143 | 23 May 202508:12 | – | redhatcve |
 | Use of Weak Hash | 6 Dec 202416:41 | – | snyk |
10
[
{
"vendor": "openwrt",
"product": "asu",
"versions": [
{
"version": "< 920c8a1",
"status": "affected"
}
]
}
]Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 Dec 2024 16:14Current
CVSS 49.3
EPSS0.01867