Vulnerabilities > Linksys > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-03-07 | CVE-2006-1067 | Remote IRC Denial Of Service vulnerability in Multiple Router Vendor Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | 5.0 |
| 2006-01-19 | CVE-2006-0309 | Remote Denial Of Service vulnerability in Linksys Befvp41 1.01.04 Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length. | 4.0 |
| 2005-09-14 | CVE-2005-2916 | Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6/4.00.7 Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi. | 5.0 |
| 2005-09-14 | CVE-2005-2915 | Remote Security vulnerability in Linksys Wrt54G 2.04.4Nondefault/3.01.3/3.03.6 ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. | 5.0 |
| 2005-09-14 | CVE-2005-2912 | Denial-Of-Service vulnerability in Linksys Wrt54G 3.01.3/3.03.6/4.00.7 Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. | 5.0 |
| 2005-08-03 | CVE-2005-2434 | Unspecified vulnerability in Linksys Wrt54G Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information. | 5.0 |
| 2005-05-02 | CVE-2005-0334 | Unspecified vulnerability in Linksys Psus4 Printserver 6032 Linksys PSUS4 running firmware 6032 allows remote attackers to cause a denial of service (device crash) via an HTTP POST request containing an unknown parameter without a value. | 5.0 |
| 2004-12-31 | CVE-2004-2508 | Cross-Site Scripting vulnerability in Linksys Wvc11B 2.10 Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter. network linksys | 4.3 |
| 2004-12-31 | CVE-2004-2507 | Unspecified vulnerability in Linksys Wvc11B 2.10 Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the next_file parameter. | 5.0 |
| 2004-11-23 | CVE-2004-0312 | Unspecified vulnerability in Linksys Wap55Ag 1.0.7 Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2. | 6.4 |