[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Netgear Root Compromise via Command Injection

To: full-disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] Netgear Root Compromise via Command Injection
From: Zachary Cutlip <uid000@xxxxxxxxx>
Date: Fri, 25 Oct 2013 07:47:16 -0400

Follow-on to my authentication bypass post from Tuesday.  Hidden "ping6" 
diagnostic page in the Netgear wndr3700v4 allows command injection as root.

http://shadow-file.blogspot.com/2013/10/netgear-root-compromise-via-command.html

Here's the original auth bypass post, in case you missed it.

http://shadow-file.blogspot.com/2013/10/complete-persistent-compromise-of.html

Thanks!
Zach
Twitter:@zcutlip

--
:wq!

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] NotSoSecure CTF (in partnership with Appsec USA)
Next by Date: [Full-disclosure] AFU and IL vulnerabilities in Uploadify
Previous by thread: [Full-disclosure] [SECURITY] [DSA 2783-2] librack-ruby regression update
Next by thread: [Full-disclosure] AFU and IL vulnerabilities in Uploadify
Index(es):
- Date
- Thread