Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

A security flaw has been disclosed in OpenWrt's Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and reporting the

Posted from: Click here for the full article.

留言

此網誌的熱門文章

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation