DDWRT.HTTP.Daemon.Arbitrary.Command.Execution
Description
This indicates a possible attack toward a remote command-injection vulnerability in DD-WRT HTTP server.
The vulnerability is due to the software's failure to adequately check user-supplied data in HTTP requests. Remote attackers may exploit this to execute arbitrary code.
Affected Products
DD-WRT DD-WRT v24.sp1
DD-WRT DD-WRT v24-sp1
DD-WRT DD-WRT v24
Impact
System compromise
Recommended Actions
Currently we are not aware of any vendor-supplied patch or update.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |