[Cerowrt-devel] bash exploit heads up

Eric S. Johansson esj at eggo.org
Wed Sep 24 18:00:34 EDT 2014

On 9/24/2014 5:54 PM, Eric S. Johansson wrote:
> On 9/24/2014 5:45 PM, Dave Taht wrote:
>> shows vulnerable for bash, not sh, on openwrt and cerowrt. That said,
>> it makes me nervous. I've never really liked the redir.sh method cero
>> uses to bounce people to the right web interface... suggestions to do
>> it in javascript or something safer desired.
> http://www.w3.org/QA/Tips/reback
> I'll take a look in the next couple of days if no one beats me to it.

looked a bit further. assuming you are still using lighthttpd, it looks 
like we should be able to to it from the lighthttp config

More information about the Cerowrt-devel mailing list