[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [FD] RomPager ShellShock RCE Vulnerability?
From: 1n3 () hushmail ! com
Date: 2015-09-26 16:21:24
Message-ID: 20150926162125.17794E04A3 () smtp ! hushmail ! com
[Download RAW message or body]
Here is the full ModSecurity log entry. I've also posted full details
on my blog here:
https://crowdshield.com/blog.php?name=rompager-shellshock-rce-0day
MODSECURITY LOGS:
==> /var/log/apache2/error.log in a number of common routers which
may allow full control of affected
> devices. I haven't found an existing vulnerability for this and
this
> appears to be a new trend in my ModSecurity logs. Hoping to get
some
> feedback from the community and see if anyone can confirm...
> After researching RomPager, it appears to be the underlying web
server
> used by a number of common routers which are listed below.
>
> VULNERABLE DEVICES:
> # AirLive WT-2000ARM# D-Link DSL-2640R# Huawei 520 HG# Huawei 530
TRA#
> Pentagram Cerberus P 6331-42# TP-Link TD-8816# TP-Link TD-W8901G#
> TP-Link TD-W8951ND# TP-Link TD-W8961ND# ZTE ZXV10 W300# ZynOS#
ZyXEL
> ES-2024# ZyXEL Prestige P-2602HW
>
> MODSECURITY LOGS:
> ==> /var/log/apache2/error.log
>
> _______________________________________________
> Sent through the Full Disclosure mailing list
> https://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic