Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - DD-WRT Vulnerability InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

DD-WRT Vulnerability

Published: 2009-07-22
Last Updated: 2009-07-22 20:43:54 UTC
by Chris Carboni (Version: 1)
2 comment(s)

Paul wrote in to let us know about a new vulnerability in DD-WRT that was being reported in the Register at http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/.

DD-WRT runs on routers by Linksys, D-Link Buffalo, ASUS and well as other routers.  The complete list can be found at http://www.dd-wrt.com/wiki/index.php/Supported_Devices

This vulnerability will allow an attacker to run programs with root priviledges on a vulnerable router.

More information can be found on the DD-WRT Forum at http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173&postdays=0&postorder=asc&start=0

Christopher Carboni - Handler On Duty

Keywords:
2 comment(s)
Diary Archives