Information Disclosure Vulnerability in Linksys WRT54G Router
CVE-2008-1263

Currently unrated

Key Information:

Vendor: Linksys
Status: Wrt54g
Vendor: CVE Published:; 10 March 2008

Summary

The Linksys WRT54G router is susceptible to an information disclosure issue where sensitive information, including passwords and cryptographic keys, is stored in cleartext within the Config.bin file. Remote authenticated users can exploit this vulnerability by sending an HTTP request to access the top-level Config.bin URI, thereby potentially compromising the security of the router and the network it protects.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/41115

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 10, 2008
Vulnerability Reserved
Mar 10, 2008