OpenWRT is Vulnerable to Remote Code Execution Attacks

Image of a router

For three years, router firmware OpenWRT has been vulnerable to remote code execution attacks.

The researcher also found that it was trivial for attackers with moderate experience to bypass digital-signature checks that verify a downloaded update as the legitimate one offered by OpenWTR maintainers. The combination of those two lapses makes it possible to send a malicious update that vulnerable devices will automatically install.

This is especially concerning because OpenWRT is commonly recommend by privacy advocates as an alternative to built-in proprietary router firmware.

Check It Out: OpenWRT is Vulnerable to Remote Code Execution Attacks

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.