Vulnerability & Exploit Database

Back to search

Netgear DGN2200 dnslookup.cgi Command Injection

This module exploits a command injection vulnerablity in NETGEAR DGN2200v1/v2/v3/v4 routers by sending a specially crafted post request with valid login details.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/linux/http/netgear_dnslookup_cmd_exec

Authors

  • thecarterb
  • SivertPL

References

Targets

  • NETGEAR DDGN2200 Router

Platforms

  • unix

Architectures

  • cmd

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/linux/http/netgear_dnslookup_cmd_exec msf exploit(netgear_dnslookup_cmd_exec) > show targets ...targets... msf exploit(netgear_dnslookup_cmd_exec) > set TARGET <target-id> msf exploit(netgear_dnslookup_cmd_exec) > show options ...show and set options... msf exploit(netgear_dnslookup_cmd_exec) > exploit