Menu
What's new
By:
Filters Better Search

CVE-2016-3116 - Dropbear SSH xauth injection

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Vulnerable, but not a problem. You need to be authenticated to exploit this, which means you need to have the router's admin password anyway, since it's the only SSH user.

There's also no xauth command on the firmware.
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
D CVSS High 8.1 - CVE-2015-8960 with firmware 3004.388.8_2 Asuswrt-Merlin 6
N Is this a concern for those of us using Merlin firmware? (CVE-2024-3080) Asuswrt-Merlin 29
RMerlin CVE 2023-50868 and CVE 2023-50387 in dnsmasq when DNSSEC is enabled Asuswrt-Merlin 30

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,014 (members: 35, guests: 979)
Top