Dnsmasq vulnerabilities

Has anyone got any comments on this post on the (recently hacked) openwrt forum.
Does it affect Gl-inet routers?

Apparently 7 CVEs (vulnerabilities) have been found in this package.

I have:

root@GL-MT1300:~# opkg list-installed dnsmasq*
dnsmasq-full - 2.80-16.1

on my Beryl .

from openwrt…after updating
The above command should output following:

  • dnsmasq - 2.80-16.2 for stable 19.07 release
  • dnsmasq - 2.83-1 for master/snapshot
2 Likes

For now you can do as they wrote there in the “Configuration based mitigation” section of the post.

An upgrade to 2.83-1 will need to be made on all routers. Will take some time.

2 Likes

The vulnerabilities affect our routers if the attacker has gained access to the router’s internal network.

Fortunately we are upgrading to 3.201 firmware and hopefully we can fix this this month.

3 Likes

Thank you to post Dnsmasq vulnerabilities,I will upgrade Dnsmasq by myself!