Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

2024-12-13 16:48

A security flaw has been disclosed in OpenWrt's Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and reporting the

News URL

https://thehackernews.com/2024/12/critical-openwrt-vulnerability-exposes.html

#critical #firmware #openwrt #vulnerability #CVE-2024-54143

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-06	CVE-2024-54143	openwrt/asu is an image on demand server for OpenWrt based distributions.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Openwrt		4	1	41	9	2	53

News URL

Related news

Related Vulnerability

Related vendor