OpenWrt uhttpd Buffer Overflow Vulnerability

OpenWrt is a Linux operating system for embedded devices. uhttpd is one of the HTTP services. A buffer overflow vulnerability exists in uhttpd in OpenWrt versions 18.06.5 and earlier and versions 19.x through 19.07.0-rc2. The vulnerability originates when a network system or product performs an...

PT-2020-19897 · Openwrt +1 · Openwrt +2

Name of the Vulnerable Software and Affected Versions: OpenWrt versions 18.06.0 through 18.06.6 OpenWrt version 19.07.0 LEDE versions 17.01.0 through 17.01.7 Description: A bug in the fork of the opkg package manager prevents correct parsing of embedded checksums in the signed repository index,...