httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote malicious users to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dd-wrt dd-wrt |