Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A bug in the fork of the opkg package manager before 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle attacker to inject arbitrary package payloads (which are installed without verification).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenWrt 代码问题漏洞
Vulnerability Description
OpenWrt是一套针对嵌入式设备的Linux操作系统。 OpenWrt的opkg fork的软件包列表解析逻辑中存在代码问题漏洞。攻击者可通过实施中间人攻击利用该漏洞注入任意代码 。以下产品及版本受到影响:OpenWrt 18.06.0版本至18.06.6版本,OpenWrt 19.07.0版本,OpenWrt LEDE 17.01.0版本至17.01.7版本。
CVSS Information
N/A
Vulnerability Type
N/A