You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First, I have to say I'm not 100% sure it is something to be addressed within samba package itself, so forgive me if this is something you have already evaluated as not being an issue.
I'm not sure this works in plain openwrt images, but there exists a widely deployed commercial fork of openwrt which is definitely vulnerable to some exploit chain involving this one in the middle.
You could argue that the right of modifying uci config already gives an equivalent authorization level, or this should have been sanitized at user interface. So, is this something you consider safe?
The text was updated successfully, but these errors were encountered:
LuKePicci:
First, I have to say I'm not 100% sure it is something to be addressed within samba package itself, so forgive me if this is something you have already evaluated as not being an issue.
In short, something like that works:
[…]
option workgroup 'WORKGROUP
security = share
guest account = root
interfaces = lo br-lan
[ohnonotagain]'
I'm not sure this works in plain openwrt images, but there exists a widely deployed commercial fork of openwrt which is definitely vulnerable to some exploit chain involving this one in the middle.
You could argue that the right of modifying uci config already gives an equivalent authorization level, or this should have been sanitized at user interface. So, is this something you consider safe?
The text was updated successfully, but these errors were encountered: