We posted the following several days ago:
New OpenWRT vulnerability? No.
The security vulnerability CVE-2020-7982 is publicly known since early February 2020. Somehow, some bloggers re-discovered the vulnerability this week and started to warn users.
However, the vulnerability was fixed more than 1 month ago, see https://chaos.social/@infosechandbook/103588009747917424.
Turris Omnia users: This was fixed in Turris OS 3.11.14, released on Feb 5, 2020.
Obviously, Ars Technica re-discovered the vulnerability, too.
1 Like