DD-WRT HTTP Daemon Metacharacter Injection Remote Code Execution

high Nessus Plugin ID 40353

Synopsis

An attacker can execute arbitrary code on the remote router.

Description

The remote web server is vulnerable to a command injection attack that may allow an attacker to execute arbitrary commands on the remote server (usually with root privileges).
An attacker can exploit this flaw to take complete ownership of the remote device.

Solution

Unknown at this time.

See Also

http://www.dd-wrt.com/dd-wrtv3/index.php

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=55173

Plugin Details

Severity: High

ID: 40353

File Name: ddwrt_cgibin_cmd_exec.nasl

Version: 1.20

Type: remote

Family: Web Servers

Published: 7/23/2009

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.9

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 7/20/2009

Exploitable With

Metasploit (DD-WRT HTTP Daemon Arbitrary Command Execution)

Reference Information

CVE: CVE-2009-2765

BID: 35742

CWE: 20