cbendan Posted August 17, 2009 Share Posted August 17, 2009 DD-WRT httpd vulnerability (milw0rm.com report)As reported at www.miw0rm.com there is a vulnerability in the http-server for the DD-WRT management GUI that can be used for execution of an exploit to gain control over the router.Note: The exploit can only be used directly from outside your network over the internet if you have enabled remote Web GUI management in the Administration tab. As immediate action please disable the remote Web GUI management. But that limitation could be easily overridden by a Cross-Site Request Forgery (CSFR) where a malicious website could inject the exploit from inside the browser.We have fixed the issue and generated new builds of the latest DD-WRT version. You can temporarily download the these files from here until we did update the router database.[uPDATE] We have integrated most of the fixed build files into the router database. You can check there if files for build 12533 are available for your router. If not (yet) please check the location mentioned above to obtain the files.The exploit can also be stopped, using a firewall rule: Go to your router's admin interface to > Administration > Commands and enter the following text:insmod ipt_webstrln -s /dev/null /tmp/exec.tmpiptables -D INPUT -p tcp -m tcp -m webstr --url cgi-bin -j REJECT --reject-with tcp-resetiptables -I INPUT -p tcp -m tcp -m webstr --url cgi-bin -j REJECT --reject-with tcp-resetpress "Save Firewall" and reboot your router. This rule blocks any attempt to access sth that has "cgi-bin" in the url. You can verify that the rule is working by entering:http://192.168.1.1/cgi-bin/;rebootin your browser. That should give a "Connection was reset" (Firefox).Important Note: This only works for non-https requests. if you have HTTPS Management turned on under > Administration > Management > Remote Access, then turn it off. If you don't want to turn it off, you only can do an Update. Link to comment Share on other sites More sharing options...
LeetPirate Posted August 18, 2009 Share Posted August 18, 2009 LOL this is old news dude, nevertheless thanks for the update. I for one would like to see the feedback of the users to get an idea of who uses dd-wrt. I would be willing to assist anyone with this kind of thing. I wrote a few scripts and stuff for various router tasks a while back, some of them are posted at the dd-wrt forums but it would be excellent to get members here to use dd-wrt. Anyway glad to have a fellow user on board, hopefully we can convert some others ;) Link to comment Share on other sites More sharing options...
Purple Trail Posted August 18, 2009 Share Posted August 18, 2009 Proud dd-wrt user here ^_^. Link to comment Share on other sites More sharing options...
SoftChip Posted August 18, 2009 Share Posted August 18, 2009 Me Too! Beats Linksucks FW any day! Should be considered RC for some stuff, but worth it in every way! :D Link to comment Share on other sites More sharing options...
158burtonseven Posted August 18, 2009 Share Posted August 18, 2009 Me too... Been on the DDWRT wagon for almost a year now. Link to comment Share on other sites More sharing options...
MrVoice Posted August 18, 2009 Share Posted August 18, 2009 I use HyperWRT + Thibor, so I can't comment on DDWRT Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.