Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
7 vulnerabilities by DD-WRT
CVE-2022-27631 (GCVE-0-2022-27631)
Vulnerability from cvelistv5 – Published: 2022-08-05 21:19 – Updated: 2025-04-15 18:53
VLAI
Summary
A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
Severity
5.3 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
1 reference
Impacted products
Date Public
2022-07-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1510"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-27631",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T18:18:42.739291Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T18:53:26.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DD-WRT",
"vendor": "DD-WRT",
"versions": [
{
"status": "affected",
"version": "Revision 32270 - Revision 48599"
}
]
}
],
"datePublic": "2022-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00.000Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1510"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2022-27631",
"datePublished": "2022-08-05T21:19:29.848Z",
"dateReserved": "2022-04-05T00:00:00.000Z",
"dateUpdated": "2025-04-15T18:53:26.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13976 (GCVE-0-2020-13976)
Vulnerability from cvelistv5 – Published: 2020-06-09 13:07 – Updated: 2024-11-18 17:28 Disputed
VLAI
Summary
An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation through CSRF might be possible. NOTE: software maintainers consider the report invalid because it refers to an old software version, requires administrative privileges, and does not provide access beyond that already available to administrative users
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://svn.dd-wrt.com/ticket/7039 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://svn.dd-wrt.com/ticket/7039"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-13976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-24T17:33:10.368953Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T17:28:39.274Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation through CSRF might be possible. NOTE: software maintainers consider the report invalid because it refers to an old software version, requires administrative privileges, and does not provide access beyond that already available to administrative users"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T13:07:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://svn.dd-wrt.com/ticket/7039"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13976",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation through CSRF might be possible. NOTE: software maintainers consider the report invalid because it refers to an old software version, requires administrative privileges, and does not provide access beyond that already available to administrative users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://svn.dd-wrt.com/ticket/7039",
"refsource": "MISC",
"url": "https://svn.dd-wrt.com/ticket/7039"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13976",
"datePublished": "2020-06-09T13:07:18.000Z",
"dateReserved": "2020-06-09T00:00:00.000Z",
"dateUpdated": "2024-11-18T17:28:39.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6297 (GCVE-0-2012-6297)
Vulnerability from cvelistv5 – Published: 2020-02-06 17:01 – Updated: 2024-08-06 21:28
VLAI
Summary
Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://packetstormsecurity.com/files/cve/CVE-2012-6297 | x_refsource_MISC |
| https://vuldb.com/?id.9527 | x_refsource_MISC |
| https://seclists.org/fulldisclosure/2013/Oct/241 | mailing-listx_refsource_FULLDISC |
| https://lists.openwall.net/bugtraq/2013/07/12/2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2012-11-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-6297"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.9527"
},
{
"name": "[CVE-2012-6297] DD-WRT v24-sp2 Command Injection",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "https://seclists.org/fulldisclosure/2013/Oct/241"
},
{
"name": "CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://lists.openwall.net/bugtraq/2013/07/12/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-06T17:01:25.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-6297"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.9527"
},
{
"name": "[CVE-2012-6297] DD-WRT v24-sp2 Command Injection",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "https://seclists.org/fulldisclosure/2013/Oct/241"
},
{
"name": "CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://lists.openwall.net/bugtraq/2013/07/12/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-6297",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-6297"
},
{
"name": "https://vuldb.com/?id.9527",
"refsource": "MISC",
"url": "https://vuldb.com/?id.9527"
},
{
"name": "[CVE-2012-6297] DD-WRT v24-sp2 Command Injection",
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2013/Oct/241"
},
{
"name": "CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2",
"refsource": "BUGTRAQ",
"url": "https://lists.openwall.net/bugtraq/2013/07/12/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6297",
"datePublished": "2020-02-06T17:01:25.000Z",
"dateReserved": "2012-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:28:39.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2765 (GCVE-0-2009-2765)
Vulnerability from cvelistv5 – Published: 2009-08-14 15:00 – Updated: 2024-08-07 05:59
VLAI
Summary
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/35742 | vdb-entryx_refsource_BID |
| http://www.exploit-db.com/exploits/9209 | exploitx_refsource_EXPLOIT-DB |
| http://www.dd-wrt.com/ | x_refsource_CONFIRM |
| http://www.osvdb.org/55990 | vdb-entryx_refsource_OSVDB |
| http://www.theregister.co.uk/2009/07/21/critical_… | x_refsource_MISC |
| http://isc.sans.org/diary.html?storyid=6853 | x_refsource_MISC |
| http://securitytracker.com/id?1022596 | vdb-entryx_refsource_SECTRACK |
| http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173 | x_refsource_MISC |
| http://metasploit.com/svn/framework3/trunk/module… | x_refsource_MISC |
Date Public
2009-07-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:57.111Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35742",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35742"
},
{
"name": "9209",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9209"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.dd-wrt.com/"
},
{
"name": "55990",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/55990"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://isc.sans.org/diary.html?storyid=6853"
},
{
"name": "1022596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022596"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://metasploit.com/svn/framework3/trunk/modules/exploits/linux/http/ddwrt_cgibin_exec.rb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35742",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35742"
},
{
"name": "9209",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9209"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.dd-wrt.com/"
},
{
"name": "55990",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/55990"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://isc.sans.org/diary.html?storyid=6853"
},
{
"name": "1022596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022596"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://metasploit.com/svn/framework3/trunk/modules/exploits/linux/http/ddwrt_cgibin_exec.rb"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2765",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35742"
},
{
"name": "9209",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9209"
},
{
"name": "http://www.dd-wrt.com/",
"refsource": "CONFIRM",
"url": "http://www.dd-wrt.com/"
},
{
"name": "55990",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/55990"
},
{
"name": "http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/"
},
{
"name": "http://isc.sans.org/diary.html?storyid=6853",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.html?storyid=6853"
},
{
"name": "1022596",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022596"
},
{
"name": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173",
"refsource": "MISC",
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"name": "http://metasploit.com/svn/framework3/trunk/modules/exploits/linux/http/ddwrt_cgibin_exec.rb",
"refsource": "MISC",
"url": "http://metasploit.com/svn/framework3/trunk/modules/exploits/linux/http/ddwrt_cgibin_exec.rb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2765",
"datePublished": "2009-08-14T15:00:00.000Z",
"dateReserved": "2009-08-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:59:57.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6974 (GCVE-0-2008-6974)
Vulnerability from cvelistv5 – Published: 2009-08-14 15:00 – Updated: 2024-08-07 11:49
VLAI
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/9209 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/499132 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/499119 | mailing-listx_refsource_BUGTRAQ |
| http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/499135 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/499024 | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-12-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9209",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/9209"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499132"
},
{
"name": "20081210 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499135"
},
{
"name": "20081208 Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9209",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/9209"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499132"
},
{
"name": "20081210 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499135"
},
{
"name": "20081208 Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499024"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9209",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/9209"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499132"
},
{
"name": "20081210 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499119"
},
{
"name": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173",
"refsource": "MISC",
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499135"
},
{
"name": "20081208 Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499024"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6974",
"datePublished": "2009-08-14T15:00:00.000Z",
"dateReserved": "2009-08-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:49:02.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2766 (GCVE-0-2009-2766)
Vulnerability from cvelistv5 – Published: 2009-08-14 15:00 – Updated: 2024-08-07 05:59
VLAI
Summary
httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.exploit-db.com/exploits/9209 | exploitx_refsource_EXPLOIT-DB |
| http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173 | x_refsource_MISC |
Date Public
2009-07-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:57.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9209",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9209"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9209",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9209"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2766",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9209",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9209"
},
{
"name": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173",
"refsource": "MISC",
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2766",
"datePublished": "2009-08-14T15:00:00.000Z",
"dateReserved": "2009-08-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:59:57.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6975 (GCVE-0-2008-6975)
Vulnerability from cvelistv5 – Published: 2009-08-14 15:00 – Updated: 2024-08-07 11:49
VLAI
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp2 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters. NOTE: This issue reportedly exists because of a "weak ... anti-CSRF fix" implemented in 24 sp2.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/9209 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/499119 | mailing-listx_refsource_BUGTRAQ |
| http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/499135 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/499024 | mailing-listx_refsource_BUGTRAQ |
Date Public
2008-12-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9209",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/9209"
},
{
"name": "20081210 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499135"
},
{
"name": "20081208 Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp2 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters. NOTE: This issue reportedly exists because of a \"weak ... anti-CSRF fix\" implemented in 24 sp2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9209",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/9209"
},
{
"name": "20081210 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499135"
},
{
"name": "20081208 Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499024"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6975",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in apply.cgi in DD-WRT 24 sp2 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the ping_ip parameter; (2) change the administrative credentials via the http_username and http_passwd parameters; (3) enable remote administration via the remote_management parameter; or (4) configure port forwarding via certain from, to, ip, and pro parameters. NOTE: This issue reportedly exists because of a \"weak ... anti-CSRF fix\" implemented in 24 sp2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9209",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/9209"
},
{
"name": "20081210 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499119"
},
{
"name": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173",
"refsource": "MISC",
"url": "http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173"
},
{
"name": "20081211 Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499135"
},
{
"name": "20081208 Multiple XSRF in DD-WRT (Remote Root Command Execution)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499024"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6975",
"datePublished": "2009-08-14T15:00:00.000Z",
"dateReserved": "2009-08-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:49:02.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}