A vulnerability in the OpenWrt attended sysupgrade server
The OpenWrt project has issued an advisory regarding a vulnerability found in its Attended Sysupgrade Server that could allow compromised packages to be installed on a router by an attacker. No official OpenWrt images were affected, and the vulnerability is not known to be exploited, but users who have installed images created with an instance of this server are recommended to reinstall.
For a detailed description of how the exploit works, see this blog post.
Then, as the hash collision occurred, the server returns the overwritten build artifact to the legitimate request that requests the following packages. [...] By abusing this, an attacker could force the user to upgrade to the malicious firmware, which could lead to the compromise of the device.