This exploit demonstrates an OS command injection vulnerability in the Linksys WAG200G router via the `timer_interval` parameter in `setup.cgi`. It also includes details on a stored XSS vulnerability and an authentication bypass for password changes.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:Linksys WAG200G v1.01.06
Auth required
Prerequisites:Authentication credentials for the target device