Filtered by vendor Linksys
Subscribe
Total
123 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1268 | 1 Linksys | 1 Wrt54g | 2025-04-09 | 10.0 HIGH | N/A |
| The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password. | |||||
| CVE-2006-6411 | 1 Linksys | 1 Wip 330 Wireless-g Ip Phone | 2025-04-09 | 7.8 HIGH | N/A |
| PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows remote attackers to cause a denial of service (crash) via a TCP SYN scan, as demonstrated using TCP ports 1-65535 with nmap. | |||||
| CVE-2009-3341 | 1 Linksys | 1 Wrt54gl | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-1265 | 1 Linksys | 1 Wrt54g | 2025-04-09 | 7.8 HIGH | N/A |
| The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. | |||||
| CVE-2007-5474 | 2 Atheros, Linksys | 2 Ar5416-ac1e Chipset, Wrt350n | 2025-04-09 | 6.3 MEDIUM | N/A |
| The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long. | |||||
| CVE-2007-6709 | 1 Linksys | 1 Wag54gs | 2025-04-09 | 7.5 HIGH | N/A |
| The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | |||||
| CVE-2008-1243 | 1 Linksys | 1 Wrt300n | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI. | |||||
| CVE-2008-0228 | 1 Linksys | 1 Wrt54gl | 2025-04-09 | 9.3 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators. | |||||
| CVE-2008-4441 | 2 Linksys, Marvell | 2 Wap400n, 88w8361p-bem1 | 2025-04-09 | 7.1 HIGH | N/A |
| The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197. | |||||
| CVE-2007-5475 | 2 Linksys, Marvell | 2 Wap4400n, 88w8361p-bem Chipset | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements. | |||||
| CVE-2008-4594 | 2 Linksys, Marvell | 2 Wap400n, 88w8361p-bem1 | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. | |||||
| CVE-2007-1585 | 1 Linksys | 2 Wag200g, Wrt54gc | 2025-04-09 | 5.0 MEDIUM | N/A |
| The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2024-22544 | 1 Linksys | 2 E1700, E1700 Firmware | 2025-04-08 | N/A | 8.0 HIGH |
| An issue was discovered in Linksys Router E1700 version 1.0.04 (build 3), allows authenticated attackers to execute arbitrary code via the setDateTime function. | |||||
| CVE-2024-22543 | 1 Linksys | 2 E1700, E1700 Firmware | 2025-04-08 | N/A | 6.1 MEDIUM |
| An issue was discovered in Linksys Router E1700 1.0.04 (build 3), allows authenticated attackers to escalate privileges via a crafted GET request to the /goform/* URI or via the ExportSettings function. | |||||
| CVE-2005-2589 | 1 Linksys | 1 Wrt54gs | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. | |||||
| CVE-2005-4257 | 1 Linksys | 4 Befw11s4, Befw11s4 V3, Befw11s4 V4 and 1 more | 2025-04-03 | 7.8 HIGH | N/A |
| Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. | |||||
| CVE-2001-0514 | 3 Atmel, Linksys, Netgear | 3 802.11b Vnet-b Access Point, Wap11, Me102 | 2025-04-03 | 7.5 HIGH | N/A |
| SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | |||||
| CVE-2005-2914 | 1 Linksys | 1 Wrt54g | 2025-04-03 | 7.5 HIGH | N/A |
| ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. | |||||
| CVE-2004-2606 | 1 Linksys | 2 Befsr41 V3, Wrt54g | 2025-04-03 | 7.5 HIGH | N/A |
| The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled. | |||||
| CVE-2002-2159 | 1 Linksys | 3 Befsr11, Befsr41, Befsru31 | 2025-04-03 | 10.0 HIGH | N/A |
| Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. | |||||