EUVD-2010-2273

Malware in sbrugna...

EUVD-2010-2510

Malware in sbrugna...

VulnCheck KEV: CVE-2010-1573

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username Gemtek and password gemtekswd for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the 1 data1, 2 data2, or 3 data3 parameters to a Debugcommandpage.asp...

VulnCheck KEV: CVE-2010-2261

Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 data2 and 2 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

Linksys WAP54Gv3 /Debug_command_page.asp 后门漏洞

No description provided by source...

Linksys Router Debug Credentials (Gemtek / gemtekswd)

The remote Linksys device accepts hard-coded default credentials Gemtek / gemtekswd on a debug page. An attacker can run arbitrary commands on this device using this account. This flaw is known to affect two firmware versions : - Linksys WAP54Gv3 3.4.3.US - Linksys WAP54Gv3 3.5.3.Europe...

CVE-2010-2506

Cross-site scripting XSS vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter...

CVE-2010-2506

Cross-site scripting XSS vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter...

CVE-2010-2506

CVE-2010-2506 is an XSS vulnerability in the Linksys WAP54Gv3 firmware (versions 3.04.03 and 3.05.03) disclosed in the CVE entry. The flaw resides in the debug.cgi component, allowing remote attackers to inject arbitrary web script or HTML via the data1 parameter. The NVD entry reports low base s...

Linksys WAP54Gv3 Wireless Router - debug.cgi Cross-Site Scripting

Linksys WAP54Gv3 Wireless Router - debug.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/41061/info Linksys WAP54Gv3 Wireless Router is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attackers may exploit th...

Linksys WAP54Gv3 Wireless Router - 'debug.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41061/info Linksys WAP54Gv3 Wireless Router is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attackers may exploit this issue by enticing victims into visiting a malicious site. An...

IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell

Security Advisory IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell Advisory Information -------------------- Published: 2010-06-08 Updated: 2010-06-08 Manufacturer: Linksys Model: WAP54G Hardware version: v3.x Firmware version: ver.3.05.03 Europe ver.3.04.03 Vulnerability Details...

CVE-2010-2261

Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 data2 and 2 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

CVE-2010-1573

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username Gemtek and password gemtekswd for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the 1 data1, 2 data2, or 3 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

Hardcoded credentials

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username Gemtek and password gemtekswd for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the 1 data1, 2 data2, or 3 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

Code injection

Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 data2 and 2 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

CVE-2010-2261

Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 data2 and 2 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

CVE-2010-2261

The CVE-2010-2261 entries confirm a remote command execution vulnerability in Linksys WAP54Gv3 firmware 3.04.03 and earlier. The issue is triggered by shell metacharacters supplied in the data2 and data3 parameters to Debug_command_page.asp and debug.cgi, enabling an attacker to execute arbitrary...

CVE-2010-1573

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username Gemtek and password gemtekswd for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the 1 data1, 2 data2, or 3 data3 parameters to a Debugcommandpage.asp and b debug.cgi...