dd-wrt dd-wrt 24 vulnerabilities and exploits

(subscribe to this query)

Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service.

Dd-wrt Dd-wrt 24

httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote malicious users to change settings via HTTP requests.

Dd-wrt Dd-wrt 24

1 EDB exploit

Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp2 allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentia...

Dd-wrt Dd-wrt 24

2 EDB exploits

httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote malicious users to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.

3 EDB exploits

Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp1 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the ad...

2 EDB exploits

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook