DD-WRT Cross-Site Request Forgery Vulnerability

DD-WRT is prone to a cross-site request-forgery vulnerability.

Successful exploits will allow attackers to run arbitrary commands with administrative privileges, change web administration password, enable remote administration and create port forwarding rules to bypass the NAT. Other attacks are also possible.

DD-WRT v24-sp1 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus