Blog | G5 Cyber Security

Belkin Linksys WRT110 Remote Command Execution – Ver2 (CVE-2013-3568)

A remote command execution vulnerability has been reported in Belkin Linksys WRT110 firmware. The vulnerability is due to the Web interface’s failure to sanitize ping targets as well as a lack of CSRF tokens. A remote attacker could exploit this vulnerability by sending a malicious HTTP request to the victim. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the context of the target user. Check Point Reference: CPAI-2014-2414. “]

Source: https://www.checkpoint.com/defense/advisories/public/2014/cpai-2014-2414.html

Exit mobile version