Security researchers have found and reported 14 vulnerabilities in the BusyBox userspace tool that's used in millions of embedded devices running Linux-based firmware. While the flaws don't have high criticality, some of them do have the potential to result in remote code execution (RCE).
BusyBox is a software utilities suite that its creators describe as the Swiss army knife of embedded Linux. It contains implementations of the most common Linux command-line tools, together with a shell and a DHCP client and server, all packaged as a single binary. BusyBox has become a de facto standard in the embedded Linux userspace, its standalone binary having support for over 300 common Linux commands.
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
