Slashdot Mirror


Critical Flaw Discovered In DD-WRT

MagicM writes "A critical flaw has been discovered in DD-WRT, a Linux based alternative open source firmware for WLAN routers such as the fan-favorite Linksys WRT54GL. The flaw can give an attacker instant root access to the router merely by embedding an image with a specially crafted URL in a Web page (CSRF attack)." The linked page notes that a fix is being rolled out (build 12533) and gives firewall rules to thwart the attack if the fix is not available yet for a particular device.

1 of 225 comments (clear)

  1. Re:Standard Practices by karnal · · Score: 1, Redundant

    Alright, I'm a n00b. I didn't read that second line fully before posting regarding the injection.

    --
    Karnal