Root from the parking lot: OpenWRT XSS through SSID scanning (CVE-2026-32721)
Summary
OpenWrt LuCI’s wireless scan UI is vulnerable to a crafted SSID that injects HTML via innerHTML, enabling XSS in an admin session. The attacker can escalate to remote root access, with a CVSS v3.1 score of 8.6; OpenWrt has patched the issue in newer releases, and downstream vendors may need updates to mitigate risk.