CVE-2004-2606
7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.04 Low
EPSS
Percentile
91.9%
The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.
| CPE | Name | Operator | Version |
|---|---|---|---|
| linksys:wrt54g | linksys wrt54g | eq | 2.02.7 |
| linksys:befsr41_v3 | linksys befsr41 v3 | eq | * |
References
ftp://ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_beta.zip
archives.neohapsis.com/archives/bugtraq/2004-05/0316.html
archives.neohapsis.com/archives/bugtraq/2004-06/0002.html
archives.neohapsis.com/archives/bugtraq/2004-06/0020.html
archives.neohapsis.com/archives/bugtraq/2004-06/0190.html
secunia.com/advisories/11754
web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.asp?fwid=201
www.nwfusion.com/news/2004/0607confuse.html
www.osvdb.org/6577
www.securityfocus.com/archive/1/365175
www.securityfocus.com/archive/1/365227/30/0/threaded
www.securityfocus.com/bid/10441
exchange.xforce.ibmcloud.com/vulnerabilities/16274
7.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.04 Low
EPSS
Percentile
91.9%