File tree Expand file tree Collapse file tree 1 file changed +2
-1
lines changed
modules/exploits/linux/http Expand file tree Collapse file tree 1 file changed +2
-1
lines changed Original file line number Diff line number Diff line change @@ -23,7 +23,8 @@ def initialize(info = {})
2323 Some Linksys Routers are vulnerable to an authenticated OS command injection.
2424 Default credentials for the web interface are admin/admin or admin/password. Since
2525 it is a blind os command injection vulnerability, there is no output for the
26- executed command when using the cmd generic payload. A ping command against a
26+ executed command when using the cmd generic payload. This module was tested on a
27+ Linksys WRT160n version 2 - firmware version v2.0.03. A ping command against a
2728 controlled system could be used for testing purposes. The exploit uses the tftp
2829 client from the device to download the payload.
2930 } ,
You can’t perform that action at this time.
0 commit comments