Linksys

Wrt54g

17 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-41281

  • EPSS 0.05%
  • Published 19.07.2024 17:15:03
  • Last modified 04.06.2025 17:01:40

Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get_merge_mac function.

7.5

CVE-2011-4499

  • EPSS 0.47%
  • Published 22.11.2011 11:55:04
  • Last modified 11.04.2025 00:51:21

The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitra...

10

CVE-2008-1268

  • EPSS 1.06%
  • Published 10.03.2008 17:44:00
  • Last modified 09.04.2025 00:30:58

The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.

7.8

CVE-2008-1265

  • EPSS 0.62%
  • Published 10.03.2008 17:44:00
  • Last modified 09.04.2025 00:30:58

The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.

7.5

CVE-2008-1264

  • EPSS 0.48%
  • Published 10.03.2008 17:44:00
  • Last modified 09.04.2025 00:30:58

The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.

4

CVE-2008-1263

Exploit
  • EPSS 0.2%
  • Published 10.03.2008 17:44:00
  • Last modified 09.04.2025 00:30:58

The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.

10

CVE-2008-1247

Exploit
  • EPSS 8.81%
  • Published 10.03.2008 17:44:00
  • Last modified 09.04.2025 00:30:58

The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.t...

5

CVE-2006-5202

Exploit
  • EPSS 18.66%
  • Published 10.10.2006 04:06:00
  • Last modified 09.04.2025 00:30:58

Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout pa...

7.5

CVE-2006-2559

  • EPSS 0.55%
  • Published 24.05.2006 01:02:00
  • Last modified 03.04.2025 01:03:51

Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPort...

7.5

CVE-2005-2799

  • EPSS 85.39%
  • Published 15.09.2005 20:03:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.