Vulnerabilities > Linksys > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-05-06 | CVE-2008-2092 | Resource Management Errors vulnerability in Linksys Spa-2102 Phone Adapter 3.3.6 Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). | 7.8 |
| 2008-03-13 | CVE-2007-6709 | Permissions, Privileges, and Access Controls vulnerability in Linksys Wag54Gs 1.00.06 The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | 7.5 |
| 2008-03-10 | CVE-2008-1265 | Improper Input Validation vulnerability in Linksys Wrt54G The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. | 7.8 |
| 2008-03-10 | CVE-2008-1264 | Improper Authentication vulnerability in Linksys Wrt54G The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file. | 7.5 |
| 2007-04-25 | CVE-2007-2270 | Denial of Service vulnerability in Linksys SPA941 377 Character The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request. | 7.8 |
| 2007-03-06 | CVE-2006-7121 | Denial Of Service vulnerability in Linksys Spa921 1.0.0 The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of service (reboot) via (1) a long URL, or a long (2) username or (3) password during Basic Authentication. | 7.8 |
| 2006-12-10 | CVE-2006-6411 | Denial Of Service vulnerability in Linksys WIP 330 Wireless-G IP Phone 1.0.6A PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows remote attackers to cause a denial of service (crash) via a TCP SYN scan, as demonstrated using TCP ports 1-65535 with nmap. | 7.8 |
| 2006-11-14 | CVE-2006-5882 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field. | 8.3 |
| 2005-12-15 | CVE-2005-4257 | Denial Of Service vulnerability in Multiple Linksys Routers LanD Packet Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). | 7.8 |
| 2005-09-15 | CVE-2005-2799 | Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6 Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. | 7.5 |