Weak SSL Implementation in Linksys WRT54G Router
CVE-2005-2434

Currently unrated

Key Information:

Vendor: Linksys
Status: Wrt54g
Vendor: CVE Published:; 3 August 2005

Summary

The Linksys WRT54G router suffers from a notable design flaw in its SSL implementation by utilizing the same private key and certificate across all devices. This uniformity allows remote attackers to intercept and decrypt SSL connections, potentially gaining access to sensitive information exchanged during the session. Users of the WRT54G should be aware of this vulnerability and take measures to secure their network and data from unauthorized access.

References

http://www.securityfocus.com/bid/14407

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=112258422806340&w=2

mailing-listx_refsource_BUGTRAQ

http://securitytracker.com/id?1014596

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Aug 3, 2005
Vulnerability Reserved
Aug 3, 2005