Friday, July 24, 2009

DD-WRT httpd vulnerability (milw0rm.com report)

"Note: The exploit can only be used directly from outside your network over the internet if you have enabled remote Web GUI management in the Administration tab. As immediate action please disable the remote Web GUI management. But that limitation could be easily overridden by a Cross-Site Request Forgery (CSFR) where a malicious website could inject the exploit from inside the browser."
If your running DD-WRT on your router get the update!

AlaskaJoe

No comments:

Post a Comment

All comments are moderated.

Note: Only a member of this blog may post a comment.