Wrt54g Security Vulnerabilities and Issues — Wrt54g CVE List

Lucene search

LinksysWrt54g

5 matches found

CVE•added 2008/03/10 5:44 p.m.•53 views

CVE-2008-1247

The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (...

10CVSS6.6AI score0.1866EPSS

CVE•added 2008/03/10 5:44 p.m.•45 views

CVE-2008-1263

The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.

4CVSS5.9AI score0.00199EPSS

CVE•added 2008/03/10 5:44 p.m.•30 views

CVE-2008-1264

The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.

7.5CVSS6.5AI score0.00478EPSS

CVE•added 2008/03/10 5:44 p.m.•29 views

CVE-2008-1268

The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.

10CVSS7.2AI score0.01063EPSS

CVE•added 2008/03/10 5:44 p.m.•27 views

CVE-2008-1265

The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.

7.8CVSS6.8AI score0.00616EPSS