httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote malicious users to change settings via HTTP requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dd-wrt dd-wrt 24 |