Netgear DGN2201 dnslookup.cgi Remote Command Execution Vulnerability

The Netgear DGN2201 is a popular wireless router device. A remote command execution vulnerability exists in Netgear DGN2201 dnslookup.cgi, which can be exploited by an attacker to gain administrator privileges...

Netgear DGN2201 v1/v2/v3/v4 dnslookup.cgi Remote Command Execution

!/usr/bin/python Provides access to default user account, privileges can be easily elevated by using either: - a kernel exploit ex. memodipper was tested and it worked - by executing /bin/bd suid backdoor present on SOME but not all versions - by manipulating the httpd config files to trick the...