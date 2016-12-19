Disable web server



The very vulnerabilities that exist on affected routers may be used to temporarily disable the vulnerable web server until the device is restarted:

http://<router_IP>/cgi-bin/;killall$IFS'httpd'

Note that after performing this step, your router's web administration not be available until the device is restarted. Please see Bas' Blog for more details.



Do not enable remote administration



Enabling remote administration allows affected routers to be exploited via direct requests from the WAN. As such, users are strongly advised to leave remote administration disabled, or disable it if is has been enabled previously.



Discontinue use



Exploiting these vulnerabilities is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available.