Red Security
News Critical Remote Code Execution Bug in Linux Based OpenWrt OS Affects Millions of Netw - Printable Version

+- Red Security (https://redsecurity.info/cc)
+-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1)
+--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4)
+--- Thread: News Critical Remote Code Execution Bug in Linux Based OpenWrt OS Affects Millions of Netw (/showthread.php?tid=1447)



Critical Remote Code Execution Bug in Linux Based OpenWrt OS Affects Millions of Netw - Mr.Kurd - 03-25-2020

In The Name OF Allah
Al-Salam Alekum

[Image: Critical-RCE-Bug-Affects-Millions-of-Ope...78x380.jpg]

After Windows 10 Big Grin Linux also affected guys don't be so happy Linux users.

Quote:Security researcher uncovered a critical remote code execution vulnerability in OpenWrt operating system that allows attackers to inject the malicious payload on the vulnerable systems.


OpenWrt is a Linux based operating system that is mainly used in embedded devices and network routers to route the network traffic and is installed on millions of devices around the globe.

The RCE bug addressed in the package list parse the logic of OpenWrt’s opkg (Opkg Package Manager) fork let package manager ignore the SHA-256 checksums embedded in the signed repository index which allows an attacker to bypass the integrity checking of downloaded .ipk artifacts.



The Source
Wa Salam Aelkum