BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[CVE-2012-6297] DD-WRT v24-sp2 Command Injection Oct 27 2013 06:23PM
Craig Young (vuln-report secur3 us)
Unfortunately command injections like the NETGEAR one Zachary Cutlip
and I both came across are all too common in embedded systems.

Similar to NETGEAR and Linksys having commands injected when running
ping, I have also noticed that DD-WRT v24-sp2 is prone to command
injection from specially crafted...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus