Multiple Vulnerabilities Allow Attackers to Take Full Control of Linksys Routers Link

[silversurfer]

Cisco Talos Intelligence Group's Jared Rittle found three vulnerabilities in the Linksys E Series line of routers which allow attackers to execute arbitrary system commands by exploiting operating system command injections.

"An attacker can exploit these bugs by sending an authenticated HTTP request to the network configuration. An attacker could then gain the ability to arbitrarily execute code on the machine," says the Cisco Talos researcher.
Rittle tested his proofs-of-concept against two Linksys router models, the Linksys E1200 and the Linksys E2500, but according to his advisory, there are other vulnerable routers in the Linksys E series line.

Source: https://news.softpedia.com/news/multiple...3269.shtml