PT-2026-26432 · Openwrt · Openwrt

Axelm-Tob · Published 2026-03-19 · Updated 2026-03-20 · CVE-2026-30874

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenWrt versions prior to 24.10.6

Description: OpenWrt is a Linux-based operating system for embedded devices. A flaw in the hotplug call function lets a local, low-privileged attacker bypass environment-variable filtering and inject an arbitrary PATH value, which can lead to privilege escalation. The function is meant to strip sensitive variables such as PATH from the environment before the hotplug scripts in /etc/hotplug.d are executed. Because it uses strcmp instead of strncmp, it compares each whole "NAME=value" environment entry (for example "PATH=/tmp/evil") against the bare literal "PATH"; the two strings are never equal, so the PATH entry is never excluded. The scripts are invoked by procd with elevated privileges and resolve commands through PATH, so an attacker who controls PATH controls which binaries those scripts execute. The vulnerable function is hotplug call. The vulnerable parameter is PATH.

Recommendations: Update to version 24.10.6 or later.
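The following C program is an added example, not procd's or OpenWrt's code, that models the filtering bug the advisory describes: a blocklist of variable names compared with strcmp against full "NAME=value" entries never matches anything, while the corrected check compares only the name prefix (strncmp) and additionally requires the '=' that follows it, so that a name such as "PATHX" is not mistaken for "PATH". The blocklist contents beyond PATH, the sample environment and the function names are constructed assumptions for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of the hotplug environment filter; not procd's code.
 * Every environment entry has the form "NAME=value". */

/* Names that must not reach hotplug scripts run with elevated privileges.
 * PATH comes from the advisory; the LD_* names are an added assumption. */
static const char *const blocked_names[] = { "PATH", "LD_PRELOAD", "LD_LIBRARY_PATH" };
#define N_BLOCKED (sizeof blocked_names / sizeof blocked_names[0])

/* Constructed sample environment as an attacker-controlled caller might pass it. */
static const char *const sample_env[] = {
    "ACTION=add",
    "HOME=/root",
    "PATH=/tmp/evil:/usr/sbin:/usr/bin:/sbin:/bin",
    "LD_PRELOAD=/tmp/evil/hook.so",
    NULL,
};

/* Buggy filter: strcmp() compares the whole "NAME=value" entry with the bare
 * name, e.g. "PATH=/tmp/evil:..." against "PATH". They are never equal, so
 * nothing is dropped and the attacker's PATH reaches the scripts. */
int filter_env_buggy(const char *const *in, const char **out, size_t max_out)
{
    size_t n = 0;
    for (size_t i = 0; in[i] != NULL && n < max_out; i++) {
        int drop = 0;
        for (size_t j = 0; j < N_BLOCKED; j++)
            if (strcmp(in[i], blocked_names[j]) == 0)   /* never true for "PATH=..." */
                drop = 1;
        if (!drop)
            out[n++] = in[i];
    }
    out[n] = NULL;
    return (int)n;
}

/* Returns 1 when entry starts with "<name>=". Checking the '=' as well as the
 * strncmp() prefix keeps "PATHX=..." from being treated as PATH. */
static int entry_has_name(const char *entry, const char *name)
{
    size_t len = strlen(name);
    return strncmp(entry, name, len) == 0 && entry[len] == '=';
}

/* Fixed filter: compare only the variable name, not the whole entry. */
int filter_env_fixed(const char *const *in, const char **out, size_t max_out)
{
    size_t n = 0;
    for (size_t i = 0; in[i] != NULL && n < max_out; i++) {
        int drop = 0;
        for (size_t j = 0; j < N_BLOCKED; j++)
            if (entry_has_name(in[i], blocked_names[j]))
                drop = 1;
        if (!drop)
            out[n++] = in[i];
    }
    out[n] = NULL;
    return (int)n;
}

typedef int (*env_filter_fn)(const char *const *, const char **, size_t);

/* Number of sample_env entries a filter lets through. */
int entries_kept(env_filter_fn filter)
{
    const char *out[16];
    return filter(sample_env, out, 15);
}

/* 1 if an entry named `name` survives the filter, 0 otherwise. */
int name_survives(env_filter_fn filter, const char *name)
{
    const char *out[16];
    filter(sample_env, out, 15);
    for (size_t i = 0; out[i] != NULL; i++)
        if (entry_has_name(out[i], name))
            return 1;
    return 0;
}

int main(void)
{
    printf("buggy filter: %d entries kept, PATH survives = %d\n",
           entries_kept(filter_env_buggy), name_survives(filter_env_buggy, "PATH"));
    printf("fixed filter: %d entries kept, PATH survives = %d\n",
           entries_kept(filter_env_fixed), name_survives(filter_env_fixed, "PATH"));
    return 0;
}
```

With the buggy filter all four entries survive, including the attacker's PATH, so a hotplug script that runs a command by bare name (logger, ip, and so on) resolves it from /tmp/evil first; with the fixed filter only ACTION and HOME remain.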

Weakness Enumeration: Improper Privilege Management; Special Elements Injection

Related Identifiers: CVE-2026-30874, GHSA-JW28-HXCM-J934

Affected Products: OpenWrt