Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revisionBoth sides next revision | ||
| docs:guide-user:security:openwrt_security [2021/03/29 12:26] – formatting vgaetera | docs:guide-user:security:openwrt_security [2022/11/06 13:10] – [I have custom packages installed...] mdvthu | ||
|---|---|---|---|
| Line 107: | Line 107: | ||
| ===== A word about high-value weak points on OpenWrt ===== | ===== A word about high-value weak points on OpenWrt ===== | ||
| OpenWrt devices have 2-4 common services running, which kind of mark high-value targets for malware (even when only available in your LAN-zone): Any harmless looking web site, you have visited in your browser, could use cross site request forgery tricks, abusing an unpatched security flaw in one of these services. | OpenWrt devices have 2-4 common services running, which kind of mark high-value targets for malware (even when only available in your LAN-zone): Any harmless looking web site, you have visited in your browser, could use cross site request forgery tricks, abusing an unpatched security flaw in one of these services. | ||
| - | This could lead to malicious malware redirect attacks where [[https://secure.wphackedhelp.com/blog/wordpress-malware-redirect-hack-cleanup/# | + | This could lead to malicious malware redirect attacks where [[https://attack.mitre.org/techniques/T1189/|website redirects to a malware site]] and so on. |
| These high-value services in particular are: | These high-value services in particular are: | ||