Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾
Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/
CVE-2026-32721, fixed in 24.10.6 / 25.12.1
sash
@sash@hachyderm.io
Writing Python & more 🐍 • internet infrastructure & standards • community organiser • aspiring rustacean 🦀 • Write the Docs • IRRD & BGP • 🏳️🌈🏳️⚧️ • she/they
hachyderm.io
155
10
134
Conversation (10)
Showing 0 of 10 cached locally.
Syncing comments from the remote thread. 10 more replies are still loading.
Loading comments...