[Exploit] CVE-2017-17411 - Linksys WVBR0 25 Command Injection 

## Command Injection

```
echo "xxx.xxx.xxx.xxxUSER-AGENT" | md5sum
```

- xxx.xxx.xxx.xxx is your ip.
- USER-AGENT can be a command injection  @string.

Send a http request with an command injection payload user-agent.


## References

1. https://www.thezdi.com/blog/2017/12/13/remote-root-in-directvs-wireless-video-bridge-a-tale-of-rage-and-despair
2. https://thehackernews.com/2017/12/directv-wvb-hack.html
3. https://github.com/nixawk/labs/blob/master/CVE-2017-17411/exploit-CVE-2017-17411.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Exploit] CVE-2017-17411 - Linksys WVBR0 25 Command Injection #17

Command Injection

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[Exploit] CVE-2017-17411 - Linksys WVBR0 25 Command Injection #17

Description

Command Injection

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions