Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
CVE-2013-3568 - Linksys CSRF + Root Command Injection
Jul 12 2013 02:24AM
vuln-report secur3 us
I would like to inform you that the latest available Linksys WRT110 firmware is prone to root shell command injection via cross-site request forgery. This vulnerability is the result of the web interface's failure to sanitize ping targets as well as a lack of csrf tokens. Linksys/Belkin h...
[ more ]
Copyright 2010, SecurityFocus