cve/CVE-2011-2716.md at master

0xMarcio/cve

Fork 0

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

976 B

Raw Permalink Blame History

CVE-2011-2716

Description

The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.

POC

Reference

http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
http://seclists.org/fulldisclosure/2019/Jun/18
http://seclists.org/fulldisclosure/2020/Aug/20
https://seclists.org/bugtraq/2019/Jun/14
https://support.t-mobile.com/docs/DOC-21994

Github

No PoCs found on GitHub currently.

976 B Raw Permalink Blame History

CVE-2011-2716

Description

POC

Reference

Github

976 B

Raw Permalink Blame History