Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: Linksys WRT54 GL - Session riding (CSRF)
Jan 14 2008 06:58PM
Jan Heisterkamp (janheisterkamp web de)
> A malicious link executing unnoticed by the administrator may open the firewall.
The catch is that this exploit don't work unnoticed, because the admin
get notification in the browser that there has occured an error with the
cerificate ["Unable to verify the identity of Linksys as a trusted
[ more ]
Copyright 2010, SecurityFocus