CVE-2006-2559
https://notcve.org/view.php?id=CVE-2006-2559
Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. • http://secunia.com/advisories/20161 http://securitytracker.com/id?1016134 http://www.securityview.org/dutch-student-finds-a-bug-in-upnp.html http://www.securityview.org/how-does-the-upnp-flaw-works.html http://www.vupen.com/english/advisories/2006/1909 https://exchange.xforce.ibmcloud.com/vulnerabilities/26707 •
CVE-2004-2606
https://notcve.org/view.php?id=CVE-2004-2606
The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled. • ftp://ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_beta.zip http://archives.neohapsis.com/archives/bugtraq/2004-05/0316.html http://archives.neohapsis.com/archives/bugtraq/2004-06/0002.html http://archives.neohapsis.com/archives/bugtraq/2004-06/0020.html http://archives.neohapsis.com/archives/bugtraq/2004-06/0190.html http://secunia.com/advisories/11754 http://web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.asp?fwid=201 http://www.nwfusion. •