Security News

A security flaw has been disclosed in OpenWrt's Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The...

A flaw in OpenWrt's Attended Sysupgrade feature used to build custom, on-demand firmware images could have allowed for the distribution of malicious firmware packages. [...]

A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux...

A couple of bugs lead to a potentially bad time OpenWrt users should upgrade their images to the same version to protect themselves from a possible supply chain attack reported to the open source...

The study uncovered that OT and IoT cellular routers and those used in small offices and homes contain outdated software components associated with known vulnerabilities. The research showed that widely used OT/IoT router firmware images have, on average, 20 exploitable n-day vulnerabilities affecting the kernel, leading to increasing security risks.

The forum supporting the community for OpenWrt suffered a security breach over the weekend, giving hackers access to e-mail addresses, user handles and additional private forum user information. Those that maintain the forum for the Linux-based open-source firmware said the forum was breached in the early hours of Saturday Jan. 16, though how attackers got in remains unknown, according to a security notice posted to the forum's home page.

The OpenWrt Project, the developer of the open source Linux operating system for embedded devices, informed users on Monday that someone had breached its forum over the weekend. In a security notice posted on the OpenWrt forum, users were told that the hacker gained access to the account of an administrator on January 16.

The OpenWrt project has revealed that an attacker has managed to access information about its online forum users over the weekend, by compromising the account of a forum administrator. The OpenWrt project oversees the development of OpenWrt, an open-source, Linux-based embedded operating system/firmaware for a variety of routers and gateways, which can also be used on smartphones, laptops and personal computers.

The OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach. Forum administrators posted the announcement in a high-visibility area, explaining what happened and the risks to users stemming from exposing their data.

A vulnerability discovered in the package manager of the OpenWRT open source operating system could allow attackers to compromise the embedded and networking devices running it. About OpenWRT. OpenWRT is an open source, Linux-based operating system that can be run of various types of networking devices instead of the software/firmware that vendors usually ship with them.