Full title: Linksys WVBR0-25 User-Agent Command Execution Exploit Category: remote exploits Platform: hardware The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to connect wireless Genie cable boxes to the Genie DVR, is vulnerable to OS command injection in versions prior to 1.0.41 of the web management portal via the User-Agent header. Authentication is not required to exploit this vulnerability. # 0day.today @ http://0day.today/