what you don't know can hurt you

Cisco Linksys Remote Preauth Remote Root

Cisco Linksys Remote Preauth Remote Root
Posted Jan 11, 2013
Authored by DefenseCode

DefenseCode is going to be releasing details that allow for remote root compromise of a Cisco Linksys device.

tags | advisory, remote, root
systems | cisco
MD5 | de9bd20a87b443548378dbddd920786d

Cisco Linksys Remote Preauth Remote Root

Change Mirror Download
DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 
0day Root Exploit

Story behind the vulnerability...

Months ago, we've contacted Cisco about a remote preauth (root access)
vulnerability
in default installation of their Linksys routers that we've discovered.
We gave them
detailed vulnerability description along with the PoC exploit for the
vulnerability.

They said that this vulnerability was already fixed in latest firmware
release...
Well, not this particular vulnerability, since the latest official
Linksys firmware -
4.30.14, and all previous versions are still vulnerable.

Exploit shown in this video has been tested on Cisco Linksys WRT54GL,
but other
Linksys versions/models are probably also affected.
Cisco Linksys is a very popular router with more than 70,000,000 routers
sold.
That's why we think that this vulnerability deserves attention.

According to our vulnerability disclosure policy, the vulnerability
details will be
disclosed in following 2 weeks on http://www.defensecode.com/ , BugTraq and
Full Disclosure.
Due to the severity of this vulnerability, once again we would like to
urge Cisco
to fix this vulnerability.

The vulnerability is demonstrated in the following video:
http://www.youtube.com/watch?v=cv-MbL7KFKE&hd=1

Kind Regards,
DefenseCode LTD.
E-mail: defensecode[at]defensecode.com
Website: http://www.defensecode.com
Advisory URL:
http://www.defensecode.com/article/upcoming_cisco_linksys_remote_preauth_root_exploit-33

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close