NETGEAR WNR2000 permits a administrator to play out various sensitive functions in the web interface through an obvious CGI script named apply.cgi.
This script is invoked while changing Internet settings, WLAN settings, re-establish to industrial facility settings, reboot the switch, and so on.
However apply.cgi is not really a script, yet a function that is invoked in the HTTP server (uhttpd) when it gets that string in the URL.
Read more at GBHackers On Security
No comments:
Post a Comment