DD-WRT security vulnerabilities

DD-WRT is an open-source alternative firmware based on Linux, developed by DD-WRT. It is suitable for various WLAN routers and embedded systems. Version DD-WRT 45723 contains a security vulnerability, which stems from a buffer overflow in the UPNP network discovery service. This vulnerability cou...

CVE-2014-9583

common.c in infosvr in ASUS WRT firmware 3.0.0.4.3761071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via ...

Authentication flaw

common.c in infosvr in ASUS WRT firmware 3.0.0.4.3761071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via ...

CVE-2014-9583

common.c in infosvr in ASUS WRT firmware 3.0.0.4.3761071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via ...

CVE-2014-9583

CVE-2014-9583 affects ASUSWRT infosvr: a MAC-address validation flaw in common.c allows an unauthenticated remote attacker to bypass authentication and execute arbitrary commands as root via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. Public details demonstrate impact as remote command executi...

PT-2009-5129

Name of the Vulnerable Software and Affected Versions DD-WRT versions prior to build 12533 Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a "cgi-bin/" URI. This is due to a problem in the httpd.c in httpd in the management GUI...