Lucene search

[email protected]CVE-2008-2636

HistoryJun 10, 2008 - 12:32 a.m.

CVE-2008-2636

2008-06-1000:32:00

CWE-20

[email protected]

web.nvd.nist.gov

cisco

linksys

wrh54g

http service

denial of service

vulnerability

nvd

cve-2008-2636

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

8.1 High

AI Score

Confidence

High

0.129 Low

EPSS

Percentile

95.5%

JSON

The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a “/./” sequence, contains many instances of a “front_page” sequence, and ends with a “.asp” sequence.

Affected configurations

NVD

Node

ciscolinksys_wrh54g_routerMatch1.01.03

CPENameOperatorVersion
cisco:linksys_wrh54g_routercisco linksys wrh54g routereq1.01.03

CPE	Name	Operator	Version
cisco:linksys_wrh54g_router	cisco linksys wrh54g router	eq	1.01.03

References

secunia.com/advisories/30562

securityreason.com/securityalert/3929

www.securityfocus.com/archive/1/493129/100/0/threaded

www.securitytracker.com/id?1020237

www.vupen.com/english/advisories/2008/1772/references

exchange.xforce.ibmcloud.com/vulnerabilities/42890

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

8.1 High

AI Score

Confidence

High

0.129 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2008-2636

cvelist1 prion1 nvd1 checkpoint_advisories1