El Reg (http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/) reports that:
QuoteA hacker has discovered a critical vulnerability in open-source firmware available for wireless routers made my Linksys and other manufacturers that allows attackers to remotely penetrate the device and take full control of it.
The remote root vulnerability affects the most recent version of DD-WRT, a piece of firmware many router users install to give their device capabilities not available by default. The bug allows unauthenticated users to remotely gain root access simply by luring someone on the local network to a malicious website.
QuoteDD-WRT is open-source firmware that runs more than 200 different models of wireless routers and embedded devices, including those made Linksys, D-Link, Buffalo, and Netgear.
We really do have to work hard to stay safe these days. :(
if you want more info
http://www.milw0rm.com/exploits/9209
just seen it's already included in previous link , slaps himself.
Quote from: Rik on Jul 22, 2009, 10:57:27
El Reg (http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/) reports that:
We really do have to work hard to stay safe these days. :(
True, though it is an unofficial firmware, a bit like DGTeam, and therefore I'd say you should be aware of the associated risks when installing it.