Vulnerability Details CVE-2008-1263
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.4%
CVSS Severity
CVSS v2 Score 4.0
References
- http://www.gnucitizen.org/projects/router-hacking-challenge/
- http://www.securityfocus.com/archive/1/489009/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41115
- http://www.gnucitizen.org/projects/router-hacking-challenge/
- http://www.securityfocus.com/archive/1/489009/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41115
Products affected by CVE-2008-1263
-
cpe:2.3:h:linksys:wrt54g:-
-
cpe:2.3:h:linksys:wrt54g:1.00.9
-
cpe:2.3:h:linksys:wrt54g:1.42.3
-
cpe:2.3:h:linksys:wrt54g:2.00.8
-
cpe:2.3:h:linksys:wrt54g:2.02.7
-
cpe:2.3:h:linksys:wrt54g:2.04.4
-
cpe:2.3:h:linksys:wrt54g:3.01.3
-
cpe:2.3:h:linksys:wrt54g:3.03.6
-
cpe:2.3:h:linksys:wrt54g:4.00.7