infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Try to fix a little description

bug/bundler_fix
jvazquez-r7 2013-08-07 10:26:39 -05:00
parent 33ac0c5c3f
commit 821673c4d2
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/exploits/linux/http/dlink_command_php_exec_noauth.rb
View File

@ -20,11 +20,10 @@ class Metasploit3 < Msf::Exploit::Remote
Different D-Link Routers are vulnerable to OS command injection via the web
interface. The vulnerability exists in command.php, which is accessible without
authentication. This module has been tested with the versions DIR-600 2.14b01,
DIR-300 rev B 2.13.
Two target are included, first to start a telnetd service and establish a session over
it and second to run commands via the CMD target. There is no wget or tftp client to
upload an elf backdoor easily.
According to the vulnerability discoverer, more D-Link devices may affected.
DIR-300 rev B 2.13. Two target are included, the first one starts a telnetd service
and establish a session over it, the second one runs commands via the CMD target.
There is no wget or tftp client to upload an elf backdoor easily. According to the
vulnerability discoverer, more D-Link devices may affected.
},
'Author' =>
[