
CVSS: 10.0 | EPSS: 12% | CPEs: 1 | EXPL: 3

The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202.

• https://www.exploit-db.com/exploits/5313
• http://kinqpinz.info/lib/wrt54g/own.txt
• http://secunia.com/advisories/29344
• http://www.gnucitizen.org/projects/router-hacking-challenge
• http://www.securityfocus.com/archive/1/489009/100/0/threaded
• http://www.securityfocus.com/bid/28381
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41118
• https://kinqpinz.info/lib/wrt54g
• https://kinqpinz.info/lib/wrt54g/own2.txt
• https://www.exploit-db.com/exploits/5926
• CWE-264: Permissions, Privileges, and Access Controls

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.

• http://www.gnucitizen.org/projects/router-hacking-challenge
• http://www.securityfocus.com/archive/1/489009/100/0/threaded
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41126
• CWE-287: Improper Authentication

CVSS: 5.0 | EPSS: 1% | CPEs: 1 | EXPL: 4

Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.

• https://www.exploit-db.com/exploits/5926
• http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048495.html
• http://secunia.com/advisories/21372
• http://securitytracker.com/id?1016638
• http://www.kb.cert.org/vuls/id/930364
• http://www.securityfocus.com/bid/19347
• https://kinqpinz.info/lib/wrt54g
• https://kinqpinz.info/lib/wrt54g/own2.txt

CVSS: 7.5 | EPSS: 1% | CPEs: 9 | EXPL: 0

Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.

• http://secunia.com/advisories/20161
• http://securitytracker.com/id?1016134
• http://www.securityview.org/dutch-student-finds-a-bug-in-upnp.html
• http://www.securityview.org/how-does-the-upnp-flaw-works.html
• http://www.vupen.com/english/advisories/2006/1909
• https://exchange.xforce.ibmcloud.com/vulnerabilities/26707

CVSS: 5.0 | EPSS: 4% | CPEs: 1 | EXPL: 0

Linksys WRT54G routers version 5 (running VxWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value.

• http://www.hm2k.org/news/1141413208.html
• http://www.securityfocus.com/archive/1/426756/100/0/threaded
• http://www.securityfocus.com/archive/1/426761/100/0/threaded
• http://www.securityfocus.com/archive/1/426863/100/0/threaded
• http://www.securityfocus.com/archive/1/426934/100/0/threaded
• http://www.securityfocus.com/bid/16954
• https://exchange.xforce.ibmcloud.com/vulnerabilities/25230