Security News
A researcher has stumbled on a big security flaw affecting OpenWrt, an open source operating system used by millions of home and small business routers and embedded devices. OpenWrt has become a popular Linux alternative to the stock software that vendors ship with home routers.
A vulnerability that OpenWrt addressed in its opkg fork could have been exploited for the remote execution of arbitrary code. "Due to the fact that opkg on OpenWrt runs as root and has write access to the entire filesystem, arbitrary code could be injected by the means of forged.ipk packages with malicious payload," OpenWrt notes in an advisory.
A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the way it performs integrity checking of downloaded packages using the SHA-256 checksums embedded in the signed repository index.
Edgewater Wireless Systems, the industry leader in Wi-Fi Spectrum Slicing technology for residential and commercial markets, announces that Dual Channel Wi-Fi has been accepted to the upstream...
Hacker coalition wants device support timeline clarified, free firmware mandates Last week, in a attempt to address broadband router security, the German government published its suggestions for...