OpenELEC / OpenELEC.tv

OpenELEC - The living room PC for everyone
http://openelec.tv

Updates via HTTP are insecure and can be modified by a man-in-the-middle #4991

Open whotwagner opened 7 years ago

whotwagner commented 7 years ago

Hello,

OpenElec looks for updates at http://update.openelec.tv/updates.php and downloads updates from http://releases.openelec.tv/. The update packages (firmware) are not signed. If someone becomes a man-in-the-middle, he is able to inject firmware with malicious code. Therefore a network would be more secure if automatic updates are disabled in OpenELEC. I tried this attack on 5.0.8 and 6.0.3. I would recommend using at least HTTPS for both addresses (update.openelec.tv and releases.openelec.tv) or signed updates.

Wolfgang
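The signed-update mitigation the report asks for, as an added Go example that is not OpenELEC's code: the publisher signs a manifest (version plus package hash) with an Ed25519 release key, and the device verifies it with a pinned public key before installing, so a package or manifest altered in transit is rejected. The manifest layout, field names and the demo key pair are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Manifest is a hypothetical update descriptor: the publisher signs
// version and package hash; the device verifies with a pinned public key.
type Manifest struct {
	Version string
	SHA256  string // hex digest of the update package
	Sig     []byte // ed25519 signature over Version + "\n" + SHA256
}

func signedPart(version, digest string) []byte { return []byte(version + "\n" + digest) }

// SignManifest is the publisher-side step, done offline with the release key.
func SignManifest(priv ed25519.PrivateKey, version string, pkg []byte) Manifest {
	sum := sha256.Sum256(pkg)
	digest := hex.EncodeToString(sum[:])
	return Manifest{version, digest, ed25519.Sign(priv, signedPart(version, digest))}
}

// VerifyUpdate is the device-side check. Swapping the package, or editing the
// manifest's hash, cannot yield a valid signature without the release key,
// so either alteration is rejected before anything is installed.
func VerifyUpdate(pub ed25519.PublicKey, m Manifest, pkg []byte) error {
	if !ed25519.Verify(pub, signedPart(m.Version, m.SHA256), m.Sig) {
		return errors.New("manifest signature invalid")
	}
	sum := sha256.Sum256(pkg)
	if hex.EncodeToString(sum[:]) != m.SHA256 {
		return errors.New("package hash does not match signed manifest")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed demo key pair
	pkg := []byte("constructed update payload")
	m := SignManifest(priv, "8.0.4", pkg)
	fmt.Println("genuine:", VerifyUpdate(pub, m, pkg))
	tampered := append([]byte{pkg[0] ^ 0xff}, pkg[1:]...) // simulate an altered download
	fmt.Println("tampered:", VerifyUpdate(pub, m, tampered))
}
```

In a real device image the public key is compiled in and the manifest and package are still fetched over HTTPS; the signature is what makes a hostile network unable to substitute a release.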

whotwagner commented 7 years ago

This vulnerability is still open, even in version 8.0.4.