Security issue
criticskate at protonmail.com
criticskate at protonmail.com
Tue Oct 21 12:07:23 PDT 2025
Per openwrt[.]org/docs/guide-developer/security, I emailed contact at openwrt dot org to report a security issue yesterday. The page also states "in case you do not get an answer or it is important please use our public mailing list". I do not agree with the idea that security issues should be disclosed on a public mailing list, so I am simply stating here that it would be wise for whoever has access to the contact@ email to check the report.
To be clear, the vulnerability I've reported is complex and would require unusual circumstances to exploit in practice, so it is not a critical issue. However, it would be ideal to check on the report and possibly fix it as the fix is not too complicated.
More information about the openwrt-adm
mailing list