Wed. May 18th, 2022

An unpatched vulnerability in a popular C standard library found in a wide range of IoT products and routers could put millions of devices at risk of attack.

The vulnerability, identified as CVE-2022-05-02 and discovered by Nozomi Networks, is present in the Domain Name System (DNS) component of the uClibc library and its fork uClibc-ng from the OpenWRT team. uClibc and uClibc-ng are widely used by Netgear, Axis, Linksys and other major vendors as well as in Linux distributions designed for embedded applications.

By Admin

Leave a Reply

Your email address will not be published.