Kanjimonster

**Name of the Vulnerable Software and Affected Versions** OpenWrt Project versions prior to 24.10.6 OpenWrt Project versions prior to 25.12.1 **Description** The OpenWrt Project, a Linux operating system for embedded devices, contains a stack-based buffer overflow in the `mdns` daemon’s `match ipv6 addresses` function. This occurs when processing PTR queries for IPv6 reverse DNS domains (.ip6.arpa) received via multicast DNS on UDP port 5353. The issue arises because the `strcpy` function copies data into a fixed 256-byte stack buffer without proper length validation, and the reverse IPv6 request is extracted into a 46-byte buffer. An attacker can exploit this by sending a crafted DNS query exceeding 46 bytes, leading to an out-of-bounds write and potential remote code execution. **Recommendations** Update to OpenWrt Project version 24.10.6 or later. Update to OpenWrt Project version 25.12.1 or later.