Back to search
CVE-2006-5202
Published: Oct 9, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
19347
vdb-entry
x_refsource_BID
https://kinqpinz.info/lib/wrt54g/
x_refsource_MISC
20060804 linksys WRT54g authentication bypass
mailing-list
x_refsource_FULLDISC
5926
exploit
x_refsource_EXPLOIT-DB
https://kinqpinz.info/lib/wrt54g/own2.txt
x_refsource_MISC
VU#930364
third-party-advisory
x_refsource_CERT-VN
21372
third-party-advisory
x_refsource_SECUNIA
1016638
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now