CVE-2008-6975

Name of the Vulnerable Software and Affected Versions: DD-WRT version 24 sp2

Description: The issue is related to multiple cross-site request forgery (CSRF) vulnerabilities in the apply.cgi component. These vulnerabilities allow remote attackers to hijack the authentication of administrators for various requests, including executing arbitrary commands via the ping ip parameter, changing administrative credentials via the http username and http passwd parameters, enabling remote administration via the remote management parameter, and configuring port forwarding via certain from, to, ip, and pro parameters. This issue exists due to a weak anti-CSRF fix implemented in version 24 sp2.

Recommendations: For DD-WRT version 24 sp2, consider disabling the apply.cgi component or restricting access to it until a proper fix is available. As a temporary workaround, avoid using the vulnerable parameters, such as ping ip, http username, http passwd, remote management, from, to, ip, and pro, in the apply.cgi component to minimize the risk of exploitation.