Showing 1 - 2 of 2

OSVDB: OSVDB-89912

Linksys WRT54GL apply.cgi Command Execution: Posted Apr 10, 2013; Authored by Michael Messner, juan vazquez | Site metasploit.com; Some Linksys Routers are vulnerable to an authenticated OS command injection in the Web Interface. Default credentials are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping command against a controlled system could be used for testing purposes. The user must be prudent when using this module since it modifies the router configuration while exploitation, even when it tries to restore previous values.; tags | exploit, web; advisories | OSVDB-89912; SHA-256 | 842e633a501f723e29c147350b0f672da78b474050f74be28f55d1501d673b3c; Download | Favorite | View

Linksys E1500/E2500 apply.cgi Remote Command Injection: Posted Apr 2, 2013; Authored by Michael Messner, juan vazquez | Site metasploit.com; Some Linksys Routers are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping command against a controlled system could be used for testing purposes.; tags | exploit, web; advisories | OSVDB-89912; SHA-256 | b0afd45182320ce4cbe58cfbaef05397334c74a08e5a150118bf0469c6dc9d01; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days