Authentication Bypass in Linksys WRT54G Routers

CVE-2005-2916

Summary

The Linksys WRT54G series routers, including versions 3.01.03, 3.03.6, and 4.00.7, contain a design flaw that allows unauthorized users to bypass authentication checks. This occurs because the routers do not properly authenticate users until after processing an HTTP POST request. As a result, remote attackers can exploit this vulnerability to modify configuration settings through the 'restore.cgi' script or upload unauthorized firmware using the 'upgrade.cgi' script. This puts affected devices at risk of unauthorized control and potential misuse.

References