module
Belkin Play N750 login.cgi Buffer Overflow
| Disclosed | Created |
|---|---|
| May 9, 2014 | May 30, 2018 |
Disclosed
May 9, 2014
Created
May 30, 2018
Description
This module exploits a remote buffer overflow vulnerability on Belkin Play N750 DB
Wireless Dual-Band N+ Router N750 routers. The vulnerability exists in the handling
of HTTP queries with long 'jump' parameters addressed to the /login.cgi URL, allowing
remote unauthenticated attackers to execute arbitrary code. This module was tested in
an emulated environment, using the version 1.10.16.m of the firmware.
Wireless Dual-Band N+ Router N750 routers. The vulnerability exists in the handling
of HTTP queries with long 'jump' parameters addressed to the /login.cgi URL, allowing
remote unauthenticated attackers to execute arbitrary code. This module was tested in
an emulated environment, using the version 1.10.16.m of the firmware.
Authors
Marco Vaz mv@integrity.pt
Michael Messner devnull@s3cur1ty.de
Michael Messner devnull@s3cur1ty.de
Platform
Linux
Architectures
mipsle
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.