CVE-2004-2606
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
92.0%
The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linksys | befsr41_v3 | * | cpe:2.3:h:linksys:befsr41_v3:*:*:*:*:*:*:*:* |
| linksys | wrt54g | 2.02.7 | cpe:2.3:h:linksys:wrt54g:2.02.7:*:*:*:*:*:*:* |
References
ftp://ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_beta.zip
archives.neohapsis.com/archives/bugtraq/2004-05/0316.html
archives.neohapsis.com/archives/bugtraq/2004-06/0002.html
archives.neohapsis.com/archives/bugtraq/2004-06/0020.html
archives.neohapsis.com/archives/bugtraq/2004-06/0190.html
secunia.com/advisories/11754
web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.asp?fwid=201
www.nwfusion.com/news/2004/0607confuse.html
www.osvdb.org/6577
www.securityfocus.com/archive/1/365175
www.securityfocus.com/archive/1/365227/30/0/threaded
www.securityfocus.com/bid/10441
exchange.xforce.ibmcloud.com/vulnerabilities/16274
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
92.0%