Jump to content

[bug]Password change field under Advanced tab is not sanitized


Recommended Posts

Hardware: Mark IV

Firmware: 2.7.0

Problem: The "change root password" field under the "advanced" tab is not sanitized. Spaces within passwords can be entered with ease, but anything after the space will not be included in the password. Along with spaces, other things like semicolons will function just as they would within the commandline. This isn't a very large issue, just a bit of an annoyance. It took me almost half an hour to figure out why my huge password wasn't working.

See for yourself: In the change password field, enter in

password ; echo OhNoes >> /OhNoes.txt[/CODE]

. This will set your password to "password" and then make a text file in your root directory called "OhNoes.txt".[/size]

[size=3]Again, this isn't much of a problem, still a bug though.[/size]

Link to comment
Share on other sites

  • 1 month later...
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...