Vulnerabilities > CVE-2005-2799 - Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
linksys
nessus
exploit available
metasploit

Summary

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.

Vulnerable Configurations

Part Description Count
Hardware
Linksys
2

Exploit-Db

  • descriptionLinksys WRT54G < 4.20.7 , WRT54GS < 1.05.2 apply.cgi Buffer Overflow. CVE-2005-2799. Remote exploit for cgi platform
    idEDB-ID:10028
    last seen2016-02-01
    modified2005-09-13
    published2005-09-13
    reporterRaphael Rigo
    sourcehttps://www.exploit-db.com/download/10028/
    titleLinksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow
  • descriptionLinksys WRT54 Access Point apply.cgi Buffer Overflow. CVE-2005-2799. Remote exploit for hardware platform
    idEDB-ID:16854
    last seen2016-02-02
    modified2010-09-24
    published2010-09-24
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16854/
    titleLinksys WRT54 Access Point apply.cgi Buffer Overflow

Metasploit

Nessus

NASL familyCISCO
NASL idLINKSYS_MULTIPLE_VULNS.NASL
descriptionThe remote host appears to be a Linksys WRT54G Wireless Router. The firmware version installed on the remote host is prone to several flaws: - Execute arbitrary commands on the affected router with root privilages. (CVE-2005-2916) - Download and replace the configuration of affected routers via a special POST request to the
last seen2020-06-01
modified2020-06-02
plugin id20096
published2005-10-28
reporterCopyright (C) 2005-2018 Josh Zlatin-Amishav
sourcehttps://www.tenable.com/plugins/nessus/20096
titleLinksys Multiple Vulnerabilities (OF, DoS, more)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/82237/linksys_apply_cgi.rb.txt
idPACKETSTORM:82237
last seen2016-12-05
published2009-10-27
reporterRaphael Rigo
sourcehttps://packetstormsecurity.com/files/82237/Linksys-apply.cgi-Buffer-Overflow.html
titleLinksys apply.cgi Buffer Overflow