Back to search
CVE-2005-2916
Published: Sep 14, 2005
Modified: Sep 17, 2024
PUBLISHED
Description
Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20050913 Linksys WRT54G 'restore.cgi' Configuration Modification Design Error Vulnerability
third-party-advisory
x_refsource_IDEFENSE
20050913 Linksys WRT54G 'upgrade.cgi' Firmware Upload Design Error Vulnerability
third-party-advisory
x_refsource_IDEFENSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now