WODESYS WD-R608U Router Unauthenticated Command Execution Vulnerability

A vulnerability exists in the WODESYS WD-R608U router, also known as the WDR122B V2.0 and WDR28, due to a lack of authentication in the configuration change module of the adm.cgi endpoint. This vulnerability allows an unauthenticated attacker to execute commands such as creating backups, restarting the device, and resetting it to factory settings. The vulnerability has been confirmed in the WDR28081123OV1.01 version, while other versions may also be vulnerable.

Impact

Exploitation of this vulnerability allows for unauthorized command execution on the affected router, including administrative actions such as restarting the device or resetting it to factory settings.

Reproduction

To reproduce this vulnerability, send a request to the adm.cgi endpoint without authentication. The request can include commands to create a backup, restart the device, or reset it to factory settings. This vulnerability can be exploited remotely, without any user interaction.