CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-1561

Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.036

EPSS Ranking 87.3%

CVSS Severity

CVSS v2 Score 6.8

References

http://archives.neohapsis.com/archives/bugtraq/2009-04/0198.html
http://packetstormsecurity.org/0904-exploits/linksysadmin-passwd.txt
http://secunia.com/advisories/34805
http://www.falandodeseguranca.com/?p=17
http://www.securityfocus.com/bid/34616
http://www.vupen.com/english/advisories/2009/1172
http://archives.neohapsis.com/archives/bugtraq/2009-04/0198.html
http://packetstormsecurity.org/0904-exploits/linksysadmin-passwd.txt
http://secunia.com/advisories/34805
http://www.falandodeseguranca.com/?p=17
http://www.securityfocus.com/bid/34616
http://www.vupen.com/english/advisories/2009/1172

Products affected by CVE-2009-1561

Cisco » Wrt54gc » Version: 1.05.7

cpe:2.3:h:cisco:wrt54gc:1.05.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1561

Products

Pricing

Contact Us