Authentication Bypass in Belkin Router Firmware
CVE-2008-1244

Currently unrated

Key Information:

Vendor: Belkin
Status: F5d7230-4
Vendor: CVE Published:; 10 March 2008

What is CVE-2008-1244?

The Belkin F5D7230-4 router with firmware version 9.01.10 is susceptible to an authentication bypass vulnerability in the cgi-bin/setup_dns.exe script. This flaw permits remote attackers to execute administrative actions without authentication, exemplified by the ability to alter DNS server settings using the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. Additionally, the F5D7632-4V6 model with firmware version 6.01.08 is also impacted, posing serious risks for users as unauthorized modifications can lead to network hijacking and security breaches.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

https://bugzilla.mozilla.org/show_bug.cgi?id=371598

x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2008
Vulnerability Reserved
Mar 10, 2008