Support for OpenWRT-based router devices

Hi,

does the OpenVAS vulnerability scanner support OpenWRT targets? I have multiple router based on this operating system (Teltonika) and would like to monitor them for current vulnerabilities.

Unfortunately I get the “Uknown OS and Service Banner Reporting” info in the report:

Unknown banners have been collected which might help to identify the OS running on this host. If these banners containing information about the host OS please report the following information to https://community.greenbone.net/c/vulnerability-tests:

Banner: uname: Linux Teltonika-RUT240.com 5.4.147 #0 Tue Aug 31 22:20:08 2021 mips GNU/Linux

/etc/os-release: NAME="OpenWrt"
VERSION="21.02.0"
ID="openwrt"
ID_LIKE="lede openwrt"
PRETTY_NAME="OpenWrt 21.02.0"
VERSION_ID="21.02.0"
HOME_URL="https://openwrt.org/"
BUG_URL="https://bugs.openwrt.org/"
SUPPORT_URL="https://forum.openwrt.org/"
BUILD_ID="r16279-5cc0535800"
OPENWRT_BOARD="ath79/generic"
OPENWRT_ARCH="mips_24kc"
OPENWRT_TAINTS="no-all busybox"
OPENWRT_DEVICE_MANUFACTURER="OpenWrt"
OPENWRT_DEVICE_MANUFACTURER_URL="https://openwrt.org/"
OPENWRT_DEVICE_PRODUCT="Generic"
OPENWRT_DEVICE_REVISION="v0"
OPENWRT_RELEASE="OpenWrt 21.02.0 r16279-5cc0535800"

/etc/version: RUT2_R_00.07.01.2
Identified from: Determine OS and list of installed packages via SSH login on port 22/tcp

The installed applications and their version can be collected using the opkg package management systems - if OpenVAS does not support that officially yet, is there a possibility to add custom solution which would check applications for CVEs?

thanks & br,
Chris

@shypard

Well. someone need to do support and keep it up to date.

Eero

Hi Chris,

Currently I’m not aware of any specific detection for OpenWRT.

I will open an internal ticket for this. Thanks for the provided info. Might be somebody will come back to you if we need some further information.

Chris

2 Likes

Hi Chris,
thanks, I am happy to provide any information you guys need :slight_smile:

Chris

2 Likes