CVE-2004-2606
CVE-2004-2606
The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_beta.ziphttp://archives.neohapsis.com/archives/bugtraq/2004-05/0316.htmlhttp://archives.neohapsis.com/archives/bugtraq/2004-06/0002.htmlhttp://archives.neohapsis.com/archives/bugtraq/2004-06/0020.htmlhttp://archives.neohapsis.com/archives/bugtraq/2004-06/0190.htmlhttp://secunia.com/advisories/11754https://exchange.xforce.ibmcloud.com/vulnerabilities/16274http://web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.asp?fwid=201http://www.nwfusion.com/news/2004/0607confuse.htmlhttp://www.osvdb.org/6577http://www.securityfocus.com/archive/1/365175http://www.securityfocus.com/archive/1/365227/30/0/threaded