CVE-2004-2606 Information
Description
The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3 with the firewall disabled allows remote attackers to attempt to login to an administration web page even when the configuration specifies that remote administration is disabled.
Reference
ftp://ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_beta.zip http://archives.neohapsis.com/archives/bugtraq/2004-05/0316.html http://archives.neohapsis.com/archives/bugtraq/2004-06/0002.html http://archives.neohapsis.com/archives/bugtraq/2004-06/0020.html http://archives.neohapsis.com/archives/bugtraq/2004-06/0190.html http://secunia.com/advisories/11754 http://web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.asp?fwid=201 http://www.nwfusion.com/news/2004/0607confuse.html http://www.osvdb.org/6577 http://www.securityfocus.com/archive/1/365175 http://www.securityfocus.com/archive/1/365227/30/0/threaded http://www.securityfocus.com/bid/10441 https://exchange.xforce.ibmcloud.com/vulnerabilities/16274
Share on: