lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20150923233222.193F2E04AC@smtp.hushmail.com>
Date: Wed, 23 Sep 2015 19:32:21 -0400
From: 1n3@...hmail.com
To: fulldisclosure@...lists.org
Subject: [FD] RomPager ShellShock RCE Vulnerability?

Gr33tz. I'm disclosing details for a potential 0day RCE vulnerability
in a number of common routers which may allow full control of affected
devices. I haven't found an existing vulnerability for this and this
appears to be a new trend in my ModSecurity logs. Hoping to get some
feedback from the community and see if anyone can confirm...
After researching RomPager, it appears to be the underlying web server
used by a number of common routers which are listed below.

VULNERABLE DEVICES:
# AirLive WT-2000ARM# D-Link DSL-2640R# Huawei 520 HG# Huawei 530 TRA#
Pentagram Cerberus P 6331-42# TP-Link TD-8816# TP-Link TD-W8901G#
TP-Link TD-W8951ND# TP-Link TD-W8961ND# ZTE ZXV10 W300# ZynOS# ZyXEL
ES-2024# ZyXEL Prestige P-2602HW

MODSECURITY LOGS:
==> /var/log/apache2/error.log 

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ