Bugtraq: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)

From: dan.crowley () gmail com
Date: Wed, 10 Dec 2008 19:14:10 -0700

This doesn't look like an XRSF flaw to me, unless this html is supposed to be inserted via some XRSF flaw, in which 
case you've given us a payload with no vulnerability details and no PoC exploit.

Looks like someone from the DD-WRT team has also commented, denying that this is actually a vulnerability.

If you have more details, please do post them.

By Date By Thread

Current thread:

Re[2]: Multiple XSRF in DD-WRT (Remote Root Command Execution), (continued)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) pUm (Dec 11)
  - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) Sebastian Gottschall (DD-WRT) (Dec 11)
  - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) Sebastian Gottschall (DD-WRT) (Dec 11)
    - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) David E. Thiel (Dec 11)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) dan . crowley (Dec 11)
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) dan . crowley (Dec 11)
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) 0xjbrown41 (Dec 15)