Message-ID: <aQCSlbL8RScPX1mg@remnant.pseudorandom.co.uk>
Date: Tue, 28 Oct 2025 09:53:25 +0000
From: Simon McVittie <smcv@...ian.org>
To: oss-security@...ts.openwall.com
Subject: Re: Questionable CVE's reported against dnsmasq

On Mon, 27 Oct 2025 at 19:26:47 -0700, nightmare.yeah27@...ecat.org wrote:
>On Mon, Oct 27, 2025 at 09:37:03PM -0400, Demi Marie Obenour wrote:
>> I suspect that OPNsense generates dnsmasq and Unbound
>> configuration files from data provided in the web UI.
>
>And OpenWRT. Definitely. Not sure how much validation there is.

The OpenWRT web UI can also execute arbitrary code (most obviously via 
System -> Startup -> Local Startup which directly edits /etc/rc.local), 
so an authenticated user of the OpenWRT web UI is already on the 
secure/trusted side of the airtight hatchway, and it isn't a 
vulnerability if they can also execute arbitrary code in some more 
convoluted way than just writing it into /etc/rc.local.

     smcv
