Security News

OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware
2024-08-07 06:14

The study uncovered that OT and IoT cellular routers and those used in small offices and homes contain outdated software components associated with known vulnerabilities. The research showed that widely used OT/IoT router firmware images have, on average, 20 exploitable n-day vulnerabilities affecting the kernel, leading to increasing security risks.

Attackers Steal E-Mails, Info from OpenWrt Forum
2021-01-19 14:45

The forum supporting the community for OpenWrt suffered a security breach over the weekend, giving hackers access to e-mail addresses, user handles and additional private forum user information. Those that maintain the forum for the Linux-based open-source firmware said the forum was breached in the early hours of Saturday Jan. 16, though how attackers got in remains unknown, according to a security notice posted to the forum's home page.

OpenWrt Informs Users of Forum Breach
2021-01-19 12:07

The OpenWrt Project, the developer of the open source Linux operating system for embedded devices, informed users on Monday that someone had breached its forum over the weekend. In a security notice posted on the OpenWrt forum, users were told that the hacker gained access to the account of an administrator on January 16.

OpenWrt discloses forum data breach
2021-01-19 10:05

The OpenWrt project has revealed that an attacker has managed to access information about its online forum users over the weekend, by compromising the account of a forum administrator. The OpenWrt project oversees the development of OpenWrt, an open-source, Linux-based embedded operating system/firmaware for a variety of routers and gateways, which can also be used on smartphones, laptops and personal computers.

OpenWRT Forum user data stolen in weekend data breach
2021-01-18 13:23

The OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach. Forum administrators posted the announcement in a high-visibility area, explaining what happened and the risks to users stemming from exposing their data.

Millions of routers running OpenWRT vulnerable to attack
2020-04-01 12:20

A vulnerability discovered in the package manager of the OpenWRT open source operating system could allow attackers to compromise the embedded and networking devices running it. About OpenWRT. OpenWRT is an open source, Linux-based operating system that can be run of various types of networking devices instead of the software/firmware that vendors usually ship with them.

Patch now! Critical flaw found in OpenWrt router software
2020-03-31 14:18

A researcher has stumbled on a big security flaw affecting OpenWrt, an open source operating system used by millions of home and small business routers and embedded devices. OpenWrt has become a popular Linux alternative to the stock software that vendors ship with home routers.

Remote Code Execution Vulnerability Patched in OpenWrt
2020-03-26 09:39

A vulnerability that OpenWrt addressed in its opkg fork could have been exploited for the remote execution of arbitrary code. "Due to the fact that opkg on OpenWrt runs as root and has write access to the entire filesystem, arbitrary code could be injected by the means of forged.ipk packages with malicious payload," OpenWrt notes in an advisory.

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices
2020-03-24 13:06

A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the way it performs integrity checking of downloaded packages using the SHA-256 checksums embedded in the signed repository index.

Edgewater’s Dual Channel Wi-Fi joins upstream OpenWrt repository
2019-11-05 02:30

Edgewater Wireless Systems, the industry leader in Wi-Fi Spectrum Slicing technology for residential and commercial markets, announces that Dual Channel Wi-Fi has been accepted to the upstream...