[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVE-2013-3568 - Linksys CSRF + Root Command Injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: CVE-2013-3568 - Linksys CSRF + Root Command Injection
From: vuln-report@xxxxxxxxx
Date: Fri, 12 Jul 2013 02:24:23 GMT

Hi list,
I would like to inform you that the latest available Linksys WRT110 firmware is 
prone to root shell command injection via cross-site request forgery.  This 
vulnerability is the result of the web interface's failure to sanitize ping 
targets as well as a lack of csrf tokens.  Linksys/Belkin has responded to my 
report to say that the vulnerability is mitigated by a 10 minute idle-timeout 
feature which is available for the admin portal on this device.  It is likely 
that other devices with similar firmware are prone to this as well.

The command execution will not return output but it is possible to direct 
output into files which are available upon subsequent HTTP requests.

This issue was assigned as CVE-2013-3568.

Kind Regards,
Craig Young (@CraigTweets)

Prev by Date: Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets
Next by Date: Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets
Previous by thread: CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2
Next by thread: Multiple vulnerabilities in McAfee ePO 4.6.6
Index(es):
- Date
- Thread