Linksys Multiple Remote Vulnerabilities Network Vulnerability

Summary

The remote router is affected by multiple flaws. Description : The remote host appears to be a Linksys WRT54G Wireless Router. The firmware version installed on the remote host is prone to several flaws, - Execute arbitrary commands on the affected router with root privilages. - Download and replace the configuration of affected routers via a special POST request to the 'restore.cgi' or 'upgrade.cgi' scripts. - Allow remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. - Degrade the performance of affected devices and cause the Web server to become unresponsive, potentially denying service to legitimate users.

Solution

Upgrade to firmware version 4.20.7 or later.

References

http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=305&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=306&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=307&type=vulnerabilities

Updated on 2015-03-25

Severity

Classification

CVE CVE-2005-2799, CVE-2005-2914, CVE-2005-2915, CVE-2005-2916
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

NT IIS 5.0 Malformed HTTP Printer Request Header Buffer Overflow Vulnerability
IIS FrontPage DoS II
HTTP Cookie overflow
Mercur Mailserver/Messaging version <= 5.0 IMAP Overflow Vulnerability
Microsoft RPC Interface Buffer Overrun (823980)

Linksys multiple remote vulnerabilities

Take action and discover your vulnerabilities