CVE-2008-1245

Belkin F5D7230-4 - Denial of Service via Invalid POST Data

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1245.

AI-analyzed exploit summary This HTML-based exploit bypasses the web interface password protection of the Belkin wireless G router (F5D7632-4V6) by leveraging unauthenticated access to CGI scripts. It allows DNS poisoning, password changes, log clearing, and other administrative actions without authentication.

Description

cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header.

Exploits (1)

exploitdb WORKING POC

htmlremotehardware

https://www.exploit-db.com/exploits/6305

View Code ZIP pw:eip

This HTML-based exploit bypasses the web interface password protection of the Belkin wireless G router (F5D7632-4V6) by leveraging unauthenticated access to CGI scripts. It allows DNS poisoning, password changes, log clearing, and other administrative actions without authentication.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Belkin F5D7632-4V6 with firmware 6.01.08

No auth needed

Prerequisites: Network access to the router's web interface (typically 192.168.2.1) · Router must be using vulnerable firmware version

MITRE ATT&CK