Remote Administration Vulnerability in Linksys EtherFast Products
CVE-2002-2159

Currently unrated

Key Information:

Vendor: Linksys
Status: Befsr41; Befsr11; Befsru31
Vendor: CVE Published:; 31 December 2002

What is CVE-2002-2159?

The Linksys EtherFast Cable/DSL routers, specifically models BEFSR11, BEFSR41, and BEFSRU31 with firmware version 1.42.7, exhibit a security flaw that opens TCP port 5678 for remote administrative access. This occurs even when the 'Block WAN' and 'Remote Admin' features are disabled. Consequently, this vulnerability can be exploited by remote attackers to gain unauthorized access to the affected devices, making them susceptible to unauthorized configuration changes and potential data interception.

References

http://www.iss.net/security_center/static/9330.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/4987

vdb-entryx_refsource_BID

http://www.securiteam.com/securitynews/5OP022K7GE.html

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Nov 16, 2005
Vulnerability published
Dec 31, 2002