Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

A security flaw has been disclosed in OpenWrt's Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and reporting the

Posted from: Click here for the full article.

留言

此網誌的熱門文章

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation