Vulnerabilities > Linksys > Wrt54G > 3.03.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-15 | CVE-2005-2799 | Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6 Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. | 7.5 |
| 2005-09-14 | CVE-2005-2916 | Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6/4.00.7 Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi. | 5.0 |
| 2005-09-14 | CVE-2005-2915 | Remote Security vulnerability in Linksys Wrt54G 2.04.4Nondefault/3.01.3/3.03.6 ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. | 5.0 |
| 2005-09-14 | CVE-2005-2914 | Remote Security vulnerability in Linksys Wrt54G 2.04.4/3.01.3/3.03.6 ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. | 7.5 |
| 2005-09-14 | CVE-2005-2912 | Denial-Of-Service vulnerability in Linksys Wrt54G 3.01.3/3.03.6/4.00.7 Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. | 5.0 |