Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Linksys Subscribe
Total 90 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-2589 1 Linksys 1 Wrt54gs 2008-09-05 7.5 HIGH N/A
Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption.
CVE-2005-2799 1 Linksys 1 Wrt54g 2008-09-05 7.5 HIGH N/A
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.
CVE-2005-2916 1 Linksys 1 Wrt54g 2008-09-05 5.0 MEDIUM N/A
Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.
CVE-2005-2912 1 Linksys 1 Wrt54g 2008-09-05 5.0 MEDIUM N/A
Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value.
CVE-2005-2915 1 Linksys 1 Wrt54g 2008-09-05 5.0 MEDIUM N/A
ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914.
CVE-2005-2914 1 Linksys 1 Wrt54g 2008-09-05 7.5 HIGH N/A
ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration.
CVE-2002-2371 1 Linksys 1 Wet11 2008-09-05 7.8 HIGH N/A
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header.
CVE-2002-2137 5 Alloy, D-link, Eusso and 2 more 5 Gl-2422ap-s, Dwl-900ap\+, Gl2422 Ap and 2 more 2008-09-05 5.0 MEDIUM N/A
GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.
CVE-2002-1865 2 D-link, Linksys 4 Di-804, Dl-704, Befw11s4 and 1 more 2008-09-05 5.0 MEDIUM N/A
Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header.
CVE-2002-0426 1 Linksys 1 Befvp41 2008-09-05 7.5 HIGH N/A
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.