CVE-2008-1247 Information
Description
The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri (2) AdvRoute.tri (3) Basic.tri (4) ctlog.tri (5) ddns.tri (6) dmz.tri (7) factdefa.tri (8) filter.tri (9) fw.tri (10) manage.tri (11) ping.tri (12) PortRange.tri (13) ptrigger.tri (14) qos.tri (15) rstatus.tri (16) tracert.tri (17) vpn.tri (18) WanMac.tri (19) WBasic.tri or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202.
Reference
http://kinqpinz.info/lib/wrt54g/own.txt http://secunia.com/advisories/29344 http://www.gnucitizen.org/projects/router-hacking-challenge/ http://www.securityfocus.com/archive/1/489009/100/0/threaded http://www.securityfocus.com/bid/28381 https://exchange.xforce.ibmcloud.com/vulnerabilities/41118 https://kinqpinz.info/lib/wrt54g/ https://kinqpinz.info/lib/wrt54g/own2.txt https://www.exploit-db.com/exploits/5313 https://www.exploit-db.com/exploits/5926
Share on: