Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-5202. PoCs published by meathive.
AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Linksys WRT54G routers, allowing remote attackers to modify router settings via direct POST requests to specific scripts without credentials. The PoC includes HTML forms and JavaScript to automate the submission of malicious configuration changes.
Description
Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.
Exploits (1)
This exploit demonstrates an authentication bypass vulnerability in Linksys WRT54G routers, allowing remote attackers to modify router settings via direct POST requests to specific scripts without credentials. The PoC includes HTML forms and JavaScript to automate the submission of malicious configuration changes.