🦝
Eating garbage

Eric librick
@librick
librick / CVE-2022-41435.md
Last active November 12, 2022 13:57
CVE-2022-41435

CVE ID: CVE-2022-41435
Name of Affected Product(s): OpenWRT LuCI
Affected Version(s): git-22.140.66206-02913be
Problem Type:

  • Vulnerability Type:
    Stored XSS via injection of markdown in SSH public key comments
  • Root Cause:
    The luci-mod-system module parses SSH public key information
    from the file /etc/dropbear/authorized_keys within OpenWRT's
    filesystem but fails to properly sanitize SSH public key
@librick
librick / keybase.md
Last active May 30, 2023 15:48
keybase prove github

Update, October 27th, 2022:

TLDR;
I locked myself out of Keybase 🦝
If you get a message from juniperspring on Keybase, don't trust it.
I might make a blog post about Keybase at some point.
Or maybe I just took over this GitHub account... ;)

Proof of time:

  • Current Bitcoin block height: 760,576