CVE-2005-2914
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-09-14 CVE Reserved
- 2005-09-14 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linksys Search vendor "Linksys" | Wrt54g Search vendor "Linksys" for product "Wrt54g" | 2.04.4 Search vendor "Linksys" for product "Wrt54g" and version "2.04.4" | - |
Affected
| ||||||
| Linksys Search vendor "Linksys" | Wrt54g Search vendor "Linksys" for product "Wrt54g" | 3.01.3 Search vendor "Linksys" for product "Wrt54g" and version "3.01.3" | - |
Affected
| ||||||
| Linksys Search vendor "Linksys" | Wrt54g Search vendor "Linksys" for product "Wrt54g" | 3.03.6 Search vendor "Linksys" for product "Wrt54g" and version "3.03.6" | - |
Affected
| ||||||