Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2020/03/24 8:6 p.m.80 views

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as...

8.1CVSS0.6AI score0.01588EPSS
Exploits3
OSV
OSV
added 2020/03/16 10:15 p.m.26 views

CVE-2020-7982

An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A bug in the fork of the opkg package manager before 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle attacker to inject arbitrary...

8.1CVSS6.8AI score0.01588EPSS
Exploits3References4
Prion
Prion
added 2020/03/16 10:15 p.m.18 views

Design/Logic Flaw

An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A bug in the fork of the opkg package manager before 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle attacker to inject arbitrary...

6.8CVSS7.9AI score0.01588EPSS
Exploits3References4Affected Software2
CVE
CVE
added 2020/03/16 9:5 p.m.89 views

CVE-2020-7982

OpenWrt/OpenWrt-derived builds are affected by CVE-2020-7982. A bug in the opkg package manager fork (before 2020-01-25) misparses embedded checksums in the signed repository index, enabling a man-in-the-middle attacker to inject arbitrary package payloads that are installed without verification....

8.1CVSS7.9AI score0.01588EPSS
Exploits3References4Affected Software2
Rows per page
Query Builder