A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic.
Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the way it performs integrity checking of downloaded packages using the SHA-256 checksums embedded in the signed repository index.
While an ‘opkg install’ command is invoked on the victim system, the flaw could allow a remote man-in-the-middle attacker in a position to intercept the communication of a targeted device to execute arbitrary code by tricking the system into installing a malicious package or software update without verification.
If exploited successfully, a remote attacker could gain complete control over the targeted OpenWrt network device, and subsequently, over the network traffic it manages.
The three-year-old vulnerability was discovered earlier this year by Guido Vranken from the ForAllSecure software company, who then reported it responsibly to the OpenWrt development team.
In a…
http://feedproxy.google.com/~r/TheHackersNews/~3/-KB-_DdjYXE/openwrt-rce-vulnerability.html