Vulnerabilities > Linksys
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2009-11-12 | CVE-2007-5475 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products | Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements. | 6.8 |
2009-09-24 | CVE-2009-3341 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linksys Wrt54Gl | Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. | 10.0 |
2008-10-17 | CVE-2008-4594 | Unspecified vulnerability in Linksys Wap400N 1.2.14 | Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. | 10.0 |
2008-10-14 | CVE-2008-4441 | Improper Input Validation vulnerability in Linksys Wap400N 1.2.14 | The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197. | 7.1 |
2008-09-05 | CVE-2007-5474 | Improper Input Validation vulnerability in multiple products | The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long. | 6.3 |
2008-05-06 | CVE-2008-2092 | Resource Management Errors vulnerability in Linksys Spa-2102 Phone Adapter 3.3.6 | Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). | 7.8 |
2008-03-13 | CVE-2007-6709 | Permissions, Privileges, and Access Controls vulnerability in Linksys Wag54Gs 1.00.06 | The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | 7.5 |
2008-03-13 | CVE-2007-6708 | Cross-Site Request Forgery (CSRF) vulnerability in Linksys Wag54Gs 1.00.06 | Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by (1) a Restore Factory Defaults action using the mtenRestore parameter to setup.cgi and (2) creation of a user account using the sysname parameter to setup.cgi. | 4.3 |
2008-03-13 | CVE-2007-6707 | Cross-Site Scripting vulnerability in Linksys Wag54Gs 1.00.06 | Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574. | 4.3 |
2008-03-10 | CVE-2008-1268 | Improper Authentication vulnerability in Linksys Wrt54G 7 | The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password. | 10.0 |