Show filters
100 Total Results
Displaying 51-60 of 100
Sort by:
Attacker Value
Unknown
CVE-2008-2092
Disclosure Date: May 06, 2008 (last updated October 04, 2023)
Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.
0
Attacker Value
Unknown
CVE-2007-6708
Disclosure Date: March 13, 2008 (last updated October 04, 2023)
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by (1) a Restore Factory Defaults action using the mtenRestore parameter to setup.cgi and (2) creation of a user account using the sysname parameter to setup.cgi.
0
Attacker Value
Unknown
CVE-2007-6709
Disclosure Date: March 13, 2008 (last updated October 04, 2023)
The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access.
0
Attacker Value
Unknown
CVE-2007-6707
Disclosure Date: March 13, 2008 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574.
0
Attacker Value
Unknown
CVE-2008-1243
Disclosure Date: March 10, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.
0
Attacker Value
Unknown
CVE-2008-1268
Disclosure Date: March 10, 2008 (last updated October 04, 2023)
The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
0
Attacker Value
Unknown
CVE-2008-1264
Disclosure Date: March 10, 2008 (last updated October 04, 2023)
The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.
0
Attacker Value
Unknown
CVE-2008-1263
Disclosure Date: March 10, 2008 (last updated October 04, 2023)
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
0
Attacker Value
Unknown
CVE-2008-1265
Disclosure Date: March 10, 2008 (last updated October 04, 2023)
The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.
0
Attacker Value
Unknown
CVE-2008-1247
Disclosure Date: March 10, 2008 (last updated October 04, 2023)
The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202.
0