[OpenWrt-Devel] Possible security issue
e9hack at gmail.com
Fri Apr 17 04:16:30 EDT 2020
the configuration files for hostapd (/var/run/hostapd-phyX.conf) are readable for everyone. This means everyone can read the wifi passwords. If a non privileged user calls 'uci show wireless', he will also get all wifi passwords. This possible e.g. for user nobody and dnsmasq.
Is this a a security issue?
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel