Unrated severityNVD Advisory· Published Aug 14, 2009· Updated Jun 16, 2026
CVE-2009-2765
CVE-2009-2765
Description
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
9- isc.sans.org/diary.htmlnvdPatch
- www.dd-wrt.comnvdPatchVendor Advisory
- metasploit.com/svn/framework3/trunk/modules/exploits/linux/http/ddwrt_cgibin_exec.rbnvdExploit
- www.dd-wrt.com/phpBB2/viewtopic.phpnvdExploit
- www.securityfocus.com/bid/35742nvdExploit
- securitytracker.com/idnvd
- www.exploit-db.com/exploits/9209nvd
- www.osvdb.org/55990nvd
- www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/nvd
News mentions
0No linked articles in our index yet.