Lucene search
MitreCVELIST:CVE-2009-2765HistoryAug 14, 2009 - 3:00 p.m.
CVE-2009-2765
2009-08-1415:00:00
mitre
www.cve.org
1
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.
References
isc.sans.org/diary.html?storyid=6853
metasploit.com/svn/framework3/trunk/modules/exploits/linux/http/ddwrt_cgibin_exec.rb
securitytracker.com/id?1022596
www.dd-wrt.com/
www.dd-wrt.com/phpBB2/viewtopic.php?t=55173
www.exploit-db.com/exploits/9209
www.osvdb.org/55990
www.securityfocus.com/bid/35742
www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/
Related
cve
cve
CVE-2009-2765
2009-08-14 15:16:27
nvd
nvd
CVE-2009-2765
2009-08-14 15:16:27
packetstorm
packetstorm
DD-WRT HTTP Daemon Arbitrary Command Execution
2009-10-27 00:00:00
nessus
nessus
DD-WRT HTTP Daemon Metacharacter Injection Remote Code Execution
2009-07-23 00:00:00
exploitdb
exploitdb
DD-WRT HTTP v24-SP1 - Command Injection
2009-07-20 00:00:00
DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)
2010-07-07 00:00:00
DD-WRT HTTPd Daemon/Service - Remote Command Execution
2009-07-20 00:00:00
metasploit
metasploit
DD-WRT HTTP Daemon Arbitrary Command Execution
2009-07-21 12:56:42
seebug
seebug
DD-WRT HTTP v24-SP1 Command Injection Vulnerability
2009-07-20 00:00:00
openvas
openvas
prion
prion
Design/Logic Flaw
2009-08-14 15:16:00