May 29, 2009, 12:35PM
DSL router remotely controlled by URL
Comment Security researcher Michal Sajdak revealed at CONFidence 2009 in Krakow in mid-May that it's relatively easy to make the Linksys WAG54G2 WLAN DSL router execute arbitrary shell commands. He has now published [securitum.pl] further details.
Sajdak discovered that it's easy to add a shell command to a POST request and have the router execute it. To test this, all you need is a proxy that can modify the POST request before it's sent. Sajdak says he told the manufacturer, Cisco, about the error in March and his message was acknowledged, but he has received no report of a fix as yet. Read the full story [h-online.com]
Recommended Reads
Commenting on this Article is closed.
Today's Most Popular
- Adobe's Security Chief Talks About Driving Up The Cost of Exploits
- Twenty Something Asks Facebook For His File And Gets It - All 1,200 Pages
- New Tool Cracks Apple iWork Passwords
- Google: Bug Bounty Program Has Made Users Safer
- After Damaging Reports, Electronics Manufacturing Giant Foxconn Is Hacked
Most Commented Stories
-
Attackers Using Fake Google Analytics Code to Redirect Users to Black Hole Exploit Kit (7)
-
Flash With Sandbox in the Works for Firefox (4)
-
Apple Ships Huge Set of Patches for OS X (7)
-
Twenty Something Asks Facebook For His File And Gets It - All 1,200 Pages (55)
-
EU Asks Google to Delay Privacy Policy Changes (2)
Newsletter Sign-up
Take Our Poll
Follow Threatpost
 |  |  |  |
| Tumblr |
