sash3d ago
Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾
Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/
CVE-2026-32721, fixed in 24.10.6 / 25.12.1
Show threadluna the doggie  3d ago
@sash hmmm I really need to update my router huh
Show threadsash
@lunareclipse or just don't open that scan page ;)
Mar 19 at 11:24amWeb