SUMwarePremium join:2002-05-21 | reply to Stem Bolt
Re: Open-source firmware flaw exposes wireless routers - DD-WRT

Update from The Register
quote:
DD-WRT developer Sebastian Gottschall just emailed to say an interim fix is available here. "Consider that this exploit was released without any Report to us," he added.

DD-WRT Web Management Interface Remote Arbitrary Shell Command Injection Vulnerability
quote:
DD-WRT is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.
Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges, which may facilitate a complete compromise of the affected device.
DD-WRT v24-sp1 is affected; other versions may also be vulnerable.

Bugtraq ID: 35742
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jul 20 2009 12:00AM
Updated: Jul 20 2009 09:56PM
Credit: gat3way
Vulnerable: DD-WRT DD-WRT v24.sp1
DD-WRT DD-WRT v24-sp1
DD-WRT DD-WRT v24