PPPD 2.4.8 bug

By sending an unsolicited EAP packet to a vulnerable ppp client or server, an unauthenticated remote attacker could cause memory corruption in the pppd process, which may allow for arbitrary code execution.

https://openwrt.org/advisory/2020-02-21-1

4 Likes