Netgear router version 1.0.0.24 with JNR1010 firmware suffers from a cross site request forgery vulnerability.
da6530ed94ec74ddcb325b48d68b02ef2fe16d9c6ec393e137a00d4987f9e68a
Secunia Security Advisory - A vulnerability has been reported in the Yamaha RT Series Routers, which can be exploited by malicious people to cause a DoS (Denial of Service).
25a70cac1dc439d1698ce567e34c804acc75f9e09c2d3cdd7fb11b5c0e289d9e
Fiberhome HG-110 routers suffer from cross site scripting and local file inclusion vulnerabilities.
25b1b59839207535d1b10fdda49adf6dd271eec45326a77d87756b0b77bb02e4
O2 Classic Router suffers from cross site request forgery and cross site scripting vulnerabilities.
94d6ca9d702ec4f5fdb7414e8e935b6e8e12b2ba4c775e2b2fd39a04eff4c71f
An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it.
b678a0b413550ec37fd50aa3338c0642a3b7f81dcdd9c330b6d7ffb73e786564
This Metasploit module exploits a vulnerability found in IBM Lotus Domino iCalendar. By sending a long string of data as the "ORGANIZER;mailto" header, process "nRouter.exe" crashes due to a Cstrcpy() routine in nnotes.dll, which allows remote attackers to gain arbitrary code execution. Note: In order to trigger the vulnerable code path, a valid Domino mailbox account is needed.
58a0109fc5ef5bec16039ceb68600f3e20fe6be1a9d5c1104237dc5b1f0cde5e
THOMSON Router version 7.4.4.7 suffers from a cross site scripting vulnerability.
28ac8611235849ab8377f46542bf45884a585a6271e093ddb136304cdd156345
Eircom Netopia Routers suffers from multiple backdoor vulnerabilities that allow for remote privilege escalation.
71bcdd74f2f246a4e1c36551a5c8752d3b4b4478ddc329287636a9d46a506f73
OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.
e657a68a0dd07b6c368fe00d1937671ad68ffa75f21313c5fc8553e7f3ebcfdc
Secunia Security Advisory - A vulnerability has been reported in SEIL Routers, which can be exploited by malicious people to compromise a vulnerable system.
e6d84002ad68f2297e06e2a40400b12d77e4f8ce3d5cf1b5aa659f46ab7e2497
Comtrend ADSL router BTC (VivaCom) CT-5367 C01_R12 suffers from a cross site request forgery vulnerability that allows for password changes. Successful exploitation allows remote root access to the device.
7787b03f3c56cdbf0d32b20b5495b9e6aa2e1f78000dc7155d3ea2bf26850ee9
Cisco Security Advisory - A vulnerability exists in the Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers that may cause the Cisco FWSM to reload after processing a malformed Skinny Client Control Protocol (SCCP) message. Devices are affected when SCCP inspection is enabled. Cisco has released free software updates that address this vulnerability.
2d3c304b1169c0947fbea1a762b1e12011ff5021a0b46976a1ef04bb54325ee7
Zero Day Initiative Advisory 11-048 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed calendar meeting request. The process copies the contents of the name parameter within the Content-Type header into a fixed size stack buffer. By providing enough data this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
9e6b48942aef107760324058e3ae367162c825c55a3df189d7b05a6b4a064e41
Zero Day Initiative Advisory 11-046 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NRouter service while transporting malformed e-mails. The vulnerable code copies data from the ATTACH:CID and Content-ID headers within an e-mail into a fixed length stack buffer. By providing a large enough file name, this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
bdd4162ce5354caa85ddefb3baeb8113ed3c2ef0947470f6bc5a8bacece36c39
D-LINK DIR-280 router allows for an unauthenticated direct access administrative password changing vulnerability.
50a92d0ee3378b8021ffdc21994e9c7d01dfc808b43830056e81bf6ed5e61ce0
Huawei HG520 and HG530 routers are vulnerable to weak cipher attacks. It is possible to generate the default WEP/WPA key from the MAC address. This python code demonstrates the issue.
c5c634174c47951bb956edb6dd96f6515e4a2e857387c1b589cc81559cfed7b3
WiRouter KeyRec is a powerful and platform independent piece of software that recovers the default WPA passphrases of the supported router's models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley).
a56eb4b141af2d150c59a58ef916eeaf440c3055e0d00be55e231ee87b419174
Remote attackers can gain sensitive information about a DD-WRT router and internal clients, including IP addresses, MAC addresses and host names. This information can be used for further network attacks as well as very accurate geolocation. This is exploitable even if remote administration is disabled. Version 24-preSP2 is affected.
7102053c920ae264843dc40d0a21522a645ecbba49d6f4df097245cfdadc92f8
Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.
f8af490bc3a09124eb5ac6ce1157366530cb516cf856a398b6ece819b6e6643e
Secunia Security Advisory - Craig Heffner has reported a security issue in multiple D-Link DIR routers, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable device.
897c2b42c12fdadcf0833fa5f58144152e8fdedb327f51fe21ad52f5dfdd065a
Secunia Security Advisory - A vulnerability has been reported in Linksys WRT54G2 and BEFSR41 routers, which can be exploited by malicious people to conduct cross-site request forgery attacks.
eeacdb42cf555d69b25ba5f7a211b2334671de00bf0f541f949afbdc087ede74
This file provides a detailed description of a privilege escalation vulnerability that has been confirmed to affect the DIR-615 revD router running firmware version 4.11.
a160c910db3449d12d52aa5b71001bba6e2a99708a556a84bf479eddf5694cb0
Proof of concept exploits for cross site request forgery vulnerabilities found in the Linksys WRT54G2 and WRT54G routers.
b828c25f846a2d0368ccab279f0ecc63d70d06cad75e64a301b44245aa6d868b
D-Link routers such as the DIR-615 revD, DIR-320 and DIR-300 all suffer from multiple remote authentication bypass vulnerabilities.
f1a9231c26177ad1738cc646517d63f8730f5f15148496f3064ab23103362ee0
Floppyfw is a router and firewall in one image. It uses Linux basic firewall capabilities, and has a simple packaging system. It is ideal for masquerading and securing networks on ADSL and cable lines, using static IP, DHCP, and PPPoE. Installation involves editing of only one file on the floppy. This is the iso version.
b7142e9a63474752a6984ebdad22fc58cd0680114f5119ae4d49fd6452cb83df
Whitepaper called Cisco IOS Router Exploitation. This paper describes the challenges with the exploitation of memory corruption software vulnerabilities in Cisco IOS. The goal is to map out the problem space in order to allow for the anticipation of developments in the future, as current research suggests that exploitation of such vulnerabilities in the wild is not currently the case. By understanding the challenges that an attacker faces, defensive strategies can be better planned, a required evolution with the current state of Cisco IOS router networks.
c8f425e5b59d8610a92403e4d24fbd0a74109b64e2b2600c739f8f66b44a6701