Command Injection Vulnerability in DD-WRT 24-sp2: Remote Denial of Service via CSRF

Command Injection Vulnerability in DD-WRT 24-sp2: Remote Denial of Service via CSRF

CVE-2012-6297 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service.

Learn more about our User Device Pen Test.