Lucene search
HistoryOct 10, 2006 - 4:06 a.m.
CVE-2006-5202
linksys
wrt54g
firmware
remote access
vulnerability
cve-2006-5202
nvd
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.017 Low
EPSS
Percentile
87.9%
Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.
| CPE | Name | Operator | Version |
|---|---|---|---|
| linksys:wrt54g | linksys wrt54g | eq | 1.00.9 |
Related
cvelist
cvelist
cve
cve
CVE-2008-1247
2008-03-10 17:44:00
CVE-2006-2559
2006-05-24 01:02:00
exploitpack
exploitpack
Linksys WRT54G Firmware 1.00.9 - Security Bypass (2)
2008-06-24 00:00:00
prion
prion
Design/Logic Flaw
2008-03-10 17:44:00
Authentication flaw
2006-05-24 01:02:00
packetstorm
packetstorm
linksys54g-bypass.txt
2008-06-24 00:00:00
exploitdb
exploitdb
Linksys WRT54G Firmware 1.00.9 - Security Bypass (2)
2008-06-24 00:00:00
7 High
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.017 Low
EPSS
Percentile
87.9%
Related for CVE-2006-5202