CVE-2008-1268
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
El servidor FTP en el router Linksys WRT54G 7 con software empotrado 7.00.1 no verifica credenciales de autenticación, lo cual permite a atacantes remotos establecer una sesión FTP enviando un nombre de usuario y contraseña de su elección.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-03-10 CVE Reserved
- 2008-03-10 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://swbae.egloos.com/1701135 | X_refsource_misc | |
| http://www.gnucitizen.org/projects/router-hacking-challenge | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/489009/100/0/threaded | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41119 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|