CVE-2008-1244
CVE-2008-1244
cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. NOTE: it was later reported that F5D7632-4V6 with firmware 6.01.08 is also affected.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/6305unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://bugzilla.mozilla.org/show_bug.cgi?id=371598http://secunia.com/advisories/29345https://exchange.xforce.ibmcloud.com/vulnerabilities/41124http://www.gnucitizen.org/projects/router-hacking-challenge/http://www.securityfocus.com/archive/1/489009/100/0/threadedhttp://www.securityfocus.com/bid/28319