Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-5474
HistorySep 05, 2008 - 4:08 p.m.

CVE-2007-5474

2008-09-0516:08:00
CWE-20
[email protected]
web.nvd.nist.gov
20
linksys
wrt350n
wi-fi access point
firmware
atheros
ar5416-ac1e
vulnerability
remote code execution
denial of service
cve-2007-5474
nvd

7.8 High

AI Score

Confidence

High

6.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

0.015 Low

EPSS

Percentile

86.6%

JSON

The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long.

Related

seebug 1
securityvulns 2
prion 1
seebug
seebug
Atheros Communications AR5416-AC1E信息元素拒绝服务漏洞
2008-09-10 00:00:00
securityvulns
securityvulns
Atheros Vendor Specific Information Element Overflow
2008-09-07 00:00:00
Atheros wireless drivers buffer overflow
2008-09-07 00:00:00
prion
prion
Cross site request forgery (csrf)
2008-09-05 16:08:00

7.8 High

AI Score

Confidence

High

6.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

0.015 Low

EPSS

Percentile

86.6%

JSON
Related for CVE-2007-5474
seebug1securityvulns2prion1