DD-WRT Web Management Interface Remote Arbitrary Shell Command Injection Vulnerability

DD-WRT is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges, which may facilitate a complete compromise of the affected device.

DD-WRT v24-sp1 is affected; other versions may also be vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus