DD-WRT Web Management Interface Remote Arbitrary Shell Command Injection Vulnerability Network Vulnerability

Summary

DD-WRT is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Impact

Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges, which may facilitate a complete compromise of the affected device.

Solution

Vendor fixes are available.

Insight

httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI

Affected

DD-WRT v24-sp1 is affected other versions may also be vulnerable.

Detection

Try to execute the 'id' command via HTTP GET request.

References

http://dd-wrt.com/dd-wrtv3/index.php
http://www.dd-wrt.com
http://www.heise.de/ct/artikel/Aufstand-der-Router-1960334.html
http://www.securityfocus.com/bid/35742

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-2765

CVSS	Base Score: 8.3 AV:A/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

4psa Voipnow Local File Inclusion Vulnerability
AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
ASP-Dev XM Event Diary Multiple Vulnerabilities
artmedic_links5 File Inclusion Vulnerability
AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities

Take action and discover your vulnerabilities