sash3d ago
Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾
Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/
CVE-2026-32721, fixed in 24.10.6 / 25.12.1
Show threaduvok cheetah3d ago
@sash funny coincidence, I fixed the same class of bug at work recently
Show threadsash
@uvok there's a lot of these, I've been playing with it a lot over the last year, and I have some more fun ones in my queue waiting for release :)
Mar 19 at 5:30pmWeb