{"slug": "hacker-fantastic-and-team-report-a-pre-auth-remote-root-exploit-against-openwrt", "title": "Hacker Fantastic and team report a pre-auth remote root exploit against openwrt", "summary": "Security researcher Hacker Fantastic reported a pre-authentication remote root exploit (CVSS 9.6, CRITICAL) against OpenWRT, submitted to the project. The researcher detailed an AI/LLM vulnerability discovery pipeline used to find the 0day and other vulnerabilities in software including Horde, Django, WordPress, Gitlab, and Dropbear.", "body_md": "Don't believe that this is real? OpenWRT pre-auth remote root exploit 0day (CVSS 9.6, CRITICAL). Submitted this morning to the project. Technical details with-held for future publication. I have so far ran against OpenWRT, Horde, Django, WordPress, Gitlab, Dropbear & more.\n\nI've documented at a high-level the AI/LLM vulnerability discovery pipeline I am using for finding confirmed vulnerabilities (0day). Here is example of Stage1 output, the modelling phase is important as it provides guidance for the inference fuzzing recursive loop.", "url": "https://wpnews.pro/news/hacker-fantastic-and-team-report-a-pre-auth-remote-root-exploit-against-openwrt", "canonical_source": "https://twitter.com/hackerfantastic/status/2074871544984064163", "published_at": "2026-07-08 15:33:51+00:00", "updated_at": "2026-07-08 15:42:51.678001+00:00", "lang": "en", "topics": ["artificial-intelligence", "ai-tools"], "entities": ["Hacker Fantastic", "OpenWRT", "Horde", "Django", "WordPress", "Gitlab", "Dropbear"], "alternates": {"html": "https://wpnews.pro/news/hacker-fantastic-and-team-report-a-pre-auth-remote-root-exploit-against-openwrt", "markdown": "https://wpnews.pro/news/hacker-fantastic-and-team-report-a-pre-auth-remote-root-exploit-against-openwrt.md", "text": "https://wpnews.pro/news/hacker-fantastic-and-team-report-a-pre-auth-remote-root-exploit-against-openwrt.txt", "jsonld": "https://wpnews.pro/news/hacker-fantastic-and-team-report-a-pre-auth-remote-root-exploit-against-openwrt.jsonld"}}