Vulnerability in Linksys WRT54g Router Firmware Allows Unauthorized Remote Access
CVE-2008-1247

Currently unrated

Key Information:

Vendor: Linksys
Status: Wrt54g
Vendor: CVE Published:; 10 March 2008

Summary

The Linksys WRT54g router, specifically with firmware version 1.00.9, contains a security flaw in its web interface that allows remote attackers to execute arbitrary administrative commands without the need for authentication. This vulnerability is exploited via direct requests to various scripts in the firmware, such as Advanced.tri and Basic.tri. As a result, unauthorized users could potentially change settings, monitor traffic, or manipulate router configurations, posing significant risks to network security and integrity.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/29344

third-party-advisoryx_refsource_SECUNIA

http://kinqpinz.info/lib/wrt54g/own.txt

x_refsource_MISC

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 10, 2008
Vulnerability Reserved
Mar 10, 2008