Cve-2021-45608

Hi

Is OpenWrt affected by CVE-2021-45608?

Use Yandex Translate

what they're saying is, port 20005 is wide open, towards internet, on some routers ?

(google translate)
In addition, the driver listens on the address 0.0.0.0 and the TCP port 20005. Since no firewall rules, at least on the tested Netgear router, restricted access, the driver was accessible from the Internet. A firewall rule helps as a temporary countermeasure if no firmware update is available from the manufacturer. This must deny access from the external interface to TCP port 20005 in order to prevent attacks from the Internet.

https://nvd.nist.gov/vuln/detail/CVE-2021-45608

Refers to stock firmware.

1 Like

It is just the thing that we have enthusiasts here in the forum (including me) that have run nmap more or less successful on their OpenWRT routers and that port should have been found by now if it was open.