Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:h:linksys:wrt54g:2.00.8:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2011-4499 |
The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. Published: November 22, 2011; 6:55:04 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1263 |
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI. Published: March 10, 2008; 1:44:00 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2008-1264 |
The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file. Published: March 10, 2008; 1:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-1265 |
The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. Published: March 10, 2008; 1:44:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2006-2559 |
Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. Published: May 23, 2006; 9:02:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2005-2434 |
Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information. Published: August 03, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2004-0580 |
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. Published: August 06, 2004; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |