@BafDyce Yeah that took me a bit of time to find. An alert(1) fits easy of course, but I have the most fun if I can show a full running exploitation to something practical 
S
sash@hachyderm.io
@sash@hachyderm.io
Posts
-
Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/CVE-2026-32721, fixed in 24.10.6 / 25.12.1 -
Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/CVE-2026-32721, fixed in 24.10.6 / 25.12.1@uvok there's a lot of these, I've been playing with it a lot over the last year, and I have some more fun ones in my queue waiting for release
-
Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/CVE-2026-32721, fixed in 24.10.6 / 25.12.1@lunareclipse or just don't open that scan page
-
Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access 👾Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/CVE-2026-32721, fixed in 24.10.6 / 25.12.1Rooting OpenWRT from the parking lot: I discovered an XSS in the OpenWRT SSID scan page, that can be chained to remote root access
Write-up and demo: https://mxsasha.eu/posts/openwrt-ssid-xss-to-root/
CVE-2026-32721, fixed in 24.10.6 / 25.12.1