Linksys EtherFast BEFSR41 Router Vulnerability in Firmware
CVE-2001-1117

Currently unrated

Key Information:

Vendor: Linksys
Status: Befsr41
Vendor: CVE Published:; 10 August 2001

Summary

A design flaw in the Linksys EtherFast BEFSR41 Cable/DSL routers allows remote attackers to retrieve sensitive passwords by accessing the HTML source of specific web pages. This vulnerability affects routers running firmware versions prior to 1.39.3 Beta, where attackers can view both administration and user passwords through the index.htm and Password.htm pages, compromising the security and integrity of the device.

References

http://www.securityfocus.com/archive/1/201390

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/3141

vdb-entryx_refsource_BID

http://www.osvdb.org/5467

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability Reserved
Mar 15, 2002
Vulnerability published
Aug 10, 2001