Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

Dec 13, 2024

A security flaw has been disclosed in OpenWrt’s Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages.
The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and reporting the

Get Free Report & Network Analysis

Please check your email for the free report.