An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request.
In order to exploit this vulnerability, a malicious actor needs to perform a man-in-the-middle attack, presenting a requesting ustream-ssl client with any invalid certificate. The ustream-ssl client will eventually tear down the SSL connection due to that, but only after flushing pending data, e.g. the HTTP request payload in case of an HTTPS client application.
To fix this issue, update the affected ustream-ssl packages using the command below.
opkg update; opkg upgrade libustream-mbedtls libustream-openssl
The fix is contained in the following and later versions:
To our knowledge, OpenWrt versions 18.06.0 to 18.06.4 are affected. The fixed packages are integrated in the OpenWrt 18.06.5, OpenWrt 19.07.0-rc1 and subsequent releases. Older versions of OpenWrt (e.g. OpenWrt 15.05 and LEDE 17.01) are end of life and not supported any more.
The issue has been reported by the Claudio Bozzato of Cisco Talos on 11th September 2019. (http://talosintelligence.com/vulnerability-reports/)
The issue has been fixed by Jo-Philipp Wich <jo at mein.io>