Linksys WAG54G2 Web Management Console Remote Arbitrary Shell Command Injection Vulnerability

The Linksys WAG54G2 router is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input.
Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges. This may facilitate a complete compromise of the affected device.
Linksys WAG54G2 with firmware V1.00.10 is affected; other versions may also be vulnerable.

Vulnerable: Linksys Wireless-G ADSL2+ Gateway WAG54G2 1.0.10 (Firmware)

http://www.securityfocus.com/bid/35142/discuss

Vendor’s reaction / issue history
The research was performed in early 2009.
The vendor was notified on 18.03.09.
Quick response (within one day).
Quick confirmation of the issue (within a few days).
No fix so far (15.05.2009).
15.05.2009 – public disclosure

http://www.securitum.pl/dh/Linksys_WAG54G2_-_escape_to_OS_root
