Monday, October 23, 2017

Upgrading dd-wrt to protect against CVE-2017-14493

Google found, and worked with the dnsmasq author to fix, a bunch of vulnerabilities in dnsmasq. Now everyone needs to update tons of devices, including your router.

It's been a while since I updated this firmware so I had to figure it out from scratch again. AFAICT the procedure is to go find your router in the dd-wrt database. Hopefully it's supported. If it is you can go download the latest firmware from the ftp server and upload via the web interface. Anything later than 33430 should contain the fix.