Linksys Multiple Remote Vulnerabilities Network Vulnerability

Summary

The remote router is affected by multiple flaws. Description : The remote host appears to be a Linksys WRT54G Wireless Router. The firmware version installed on the remote host is prone to several flaws, - Execute arbitrary commands on the affected router with root privilages. - Download and replace the configuration of affected routers via a special POST request to the 'restore.cgi' or 'upgrade.cgi' scripts. - Allow remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. - Degrade the performance of affected devices and cause the Web server to become unresponsive, potentially denying service to legitimate users.

Solution

Upgrade to firmware version 4.20.7 or later.

References

http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=305&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=306&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=307&type=vulnerabilities

Updated on 2015-03-25

Severity

Classification

CVE CVE-2005-2799, CVE-2005-2914, CVE-2005-2915, CVE-2005-2916

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Boozt index.cgi overflow
Open WebMail userstat.pl Arbitrary Command Execution
OpenSSH Channel Code Off by 1
mod_ssl hook functions format string vulnerability
Oracle9iAS too long URL

Linksys multiple remote vulnerabilities

Take action and discover your vulnerabilities