Linksys: Security Vulnerabilities
The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.
CVSS Score
7.5
EPSS Score
0.005
Published
2008-03-10
The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.
CVSS Score
7.8
EPSS Score
0.007
Published
2008-03-10
The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
CVSS Score
10.0
EPSS Score
0.011
Published
2008-03-10
Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators.
CVSS Score
9.3
EPSS Score
0.018
Published
2008-01-10
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message.
CVSS Score
4.3
EPSS Score
0.025
Published
2007-10-12
Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setcomm parameter.
CVSS Score
4.3
EPSS Score
0.088
Published
2007-07-05
The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.
CVSS Score
7.8
EPSS Score
0.45
Published
2007-04-25
The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE: some of these details are obtained from third party information.
CVSS Score
5.0
EPSS Score
0.005
Published
2007-03-21
The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of service (reboot) via (1) a long URL, or a long (2) username or (3) password during Basic Authentication.
CVSS Score
7.8
EPSS Score
0.023
Published
2007-03-06
PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows remote attackers to cause a denial of service (crash) via a TCP SYN scan, as demonstrated using TCP ports 1-65535 with nmap.
CVSS Score
7.8
EPSS Score
0.016
Published
2006-12-10