Remote Access Vulnerability in Linksys WRT54G and BEFSR41 Devices
CVE-2004-2606

Currently unrated

Key Information:

Vendor: Linksys
Status: Wrt54g; Befsr41 V3
Vendor: CVE Published:; 31 December 2004

Summary

The Web interface of Linksys products WRT54G (version 2.02.7) and BEFSR41 (version 3) presents a security flaw when remote administration is configured to be disabled. Attackers can inadvertently access the admin login page from outside the local network, potentially exploiting the interface to gain administrative privileges. This highlights the importance of appropriate network configurations and the inherent risks when disabling security features.

References

ftp://ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_b...

x_refsource_CONFIRM

http://www.nwfusion.com/news/2004/0607confuse.html

x_refsource_MISC

http://www.securityfocus.com/archive/1/365175

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Nov 29, 2005
Vulnerability published
Dec 31, 2004