Wrt160n validating

All of my testing was done using Linksys E1000, E1200, and E3200 models.

wrt160n validating-9wrt160n validating-37wrt160n validating-84

On the E1200/E3200, I was unable to execute any commands appended onto the IP address, as I did with the E1000.

It appears that there is validation being done on that value, which prevents the ping command string from being constructed.

Note that while researching these vulnerabilities, I was connected to each router's serial interface so I could see the terminal commands that were run as a result of interacting with its HTTP services, as well as the output of those commands.

The output examples in this article are taken from that serial connection.

They've released new firmware for it, Ver.2.0.05 (Build 2), and it's available on their website. Unless you really need the ability to manage one of these devices externally, it's best to disable its Remote Management functionality.

Comments