New Media Net Gmbh · Dd-Wrt · CVE-2009-2765
**Name of the Vulnerable Software and Affected Versions**
DD-WRT versions prior to build 12533
**Description**
The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a "cgi-bin/" URI. This is due to a problem in the httpd.c in httpd in the management GUI.
**Recommendations**
For DD-WRT versions prior to build 12533, update to a version after build 12533 to resolve the issue. As a temporary workaround, consider restricting access to the cgi-bin directory to minimize the risk of exploitation.