Vulnerabilities > Linksys > Wrt54G
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-11-22 | CVE-2011-4499 | Configuration vulnerability in multiple products The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. | 7.5 |
| 2008-03-10 | CVE-2008-1268 | Improper Authentication vulnerability in Linksys Wrt54G 7 The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password. | 10.0 |
| 2008-03-10 | CVE-2008-1265 | Improper Input Validation vulnerability in Linksys Wrt54G The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. | 7.8 |
| 2008-03-10 | CVE-2008-1264 | Improper Authentication vulnerability in Linksys Wrt54G The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file. | 7.5 |
| 2008-03-10 | CVE-2008-1263 | Cryptographic Issues vulnerability in Linksys Wrt54G The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI. | 4.0 |
| 2008-03-10 | CVE-2008-1247 | Permissions, Privileges, and Access Controls vulnerability in Linksys Wrt54G The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. | 10.0 |
| 2006-10-10 | CVE-2006-5202 | Authentication Bypass vulnerability in Linksys Wrt54G 1.00.9 Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559. | 5.0 |
| 2005-09-15 | CVE-2005-2799 | Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6 Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. | 7.5 |
| 2005-09-14 | CVE-2005-2916 | Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6/4.00.7 Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi. | 5.0 |
| 2005-09-14 | CVE-2005-2915 | Remote Security vulnerability in Linksys Wrt54G 2.04.4Nondefault/3.01.3/3.03.6 ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. | 5.0 |