Share
Recommend
Print
E-mail
Comment 
Read this informative brief, prepared by Cascadia Labs, and learn how to ask the right questions to get the right answers when sourcing endpoint security vendors.
Download Now
May 29, 2009, 12:35PM
DSL router remotely controlled by URL
Security researcher Michal Sajdak revealed at CONFidence 2009 in Krakow in mid-May that it's relatively easy to make the Linksys WAG54G2 WLAN DSL router execute arbitrary shell commands. He has now published [securitum.pl] further details.
Sajdak discovered that it's easy to add a shell command to a POST request and have the router execute it. To test this, all you need is a proxy that can modify the POST request before it's sent. Sajdak says he told the manufacturer, Cisco, about the error in March and his message was acknowledged, but he has received no report of a fix as yet. Read the full story [h-online.com]
Recommended Reads
Shorten URL: http://threatpost.com/en_us/i3b. Click to copy to clipboard or post to Twitter
Threatpost Newsletter
Featured Slideshows
Take Our Poll
Threatpost Content as You Like It
 |
 |
 |
| Become a fan on | Follow us on | Sign-up for our Newsletter |
