Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2006-2559
HistoryMay 24, 2006 - 1:02 a.m.

CVE-2006-2559

2006-05-2401:02:00
mitre
web.nvd.nist.gov
28
linksys
wrt54g
router
upnp
unauthorized operations
cve-2006-2559

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.01

Percentile

83.8%

JSON

Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.

Affected configurations

Nvd
Node
linksyswrt54gMatch1.42.3
OR
linksyswrt54gMatch2.00.8
OR
linksyswrt54gMatch2.02.7
OR
linksyswrt54gMatch2.04.4
OR
linksyswrt54gMatch2.04.4_non_default
OR
linksyswrt54gMatch3.01.3
OR
linksyswrt54gMatch3.03.6
OR
linksyswrt54gMatch4.00.7
OR
linksyswrt54g_v5
VendorProductVersionCPE
linksyswrt54g1.42.3cpe:2.3:h:linksys:wrt54g:1.42.3:*:*:*:*:*:*:*
linksyswrt54g2.00.8cpe:2.3:h:linksys:wrt54g:2.00.8:*:*:*:*:*:*:*
linksyswrt54g2.02.7cpe:2.3:h:linksys:wrt54g:2.02.7:*:*:*:*:*:*:*
linksyswrt54g2.04.4cpe:2.3:h:linksys:wrt54g:2.04.4:*:*:*:*:*:*:*
linksyswrt54g2.04.4_non_defaultcpe:2.3:h:linksys:wrt54g:2.04.4_non_default:*:*:*:*:*:*:*
linksyswrt54g3.01.3cpe:2.3:h:linksys:wrt54g:3.01.3:*:*:*:*:*:*:*
linksyswrt54g3.03.6cpe:2.3:h:linksys:wrt54g:3.03.6:*:*:*:*:*:*:*
linksyswrt54g4.00.7cpe:2.3:h:linksys:wrt54g:4.00.7:*:*:*:*:*:*:*
linksyswrt54g_v5*cpe:2.3:h:linksys:wrt54g_v5:*:*:*:*:*:*:*:*

Related

prion 1
nvd 2
cvelist 2
cve 1
prion
prion
Authentication flaw
2006-05-24 01:02:00
nvd
nvd
CVE-2006-2559
2006-05-24 01:02:00
CVE-2006-5202
2006-10-10 04:06:00
cvelist
cvelist
CVE-2006-2559
2006-05-24 01:00:00
CVE-2006-5202
2006-10-09 18:00:00
cve
cve
CVE-2006-5202
2006-10-10 04:06:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0.01

Percentile

83.8%

JSON
Related for CVE-2006-2559
prion1nvd2cvelist2cve1