Details of VAR-E-201006-1691

ID

VAR-E-201006-1691

CVE

cve_id:

CVE-2010-1573

Trust: 0.3

sources: BID: 40648

TITLE

Linksys WAP54Gv3 Wireless Router Debug Credentials Security Bypass Vulnerability

Trust: 0.3

sources: BID: 40648

DESCRIPTION

Linksys WAP54Gv3 wireless router devices are prone to a security-bypass vulnerability because they allow access to debugging scripts through hard coded credentials.
Successful exploits allow attackers to gain privileged access to the device; other attacks may also be possible.
The following firmware versions are vulnerable:
3.05.03 (Europe)
3.04.03 (US)
Other versions or devices may also be affected.

Trust: 0.3

sources: BID: 40648

AFFECTED PRODUCTS

vendor:	linksys	model:	wap54gv3	scope:	eq	version:	3.5.3	Trust: 0.3
vendor:	linksys	model:	wap54gv3	scope:	eq	version:	3.4.3	Trust: 0.3

sources: BID: 40648

EXPLOIT

An attacker can carry out this attack using readily available network utilities.

Trust: 0.3

sources: BID: 40648

PRICE

Free

Trust: 0.3

sources: BID: 40648

TYPE

Design Error

Trust: 0.3

sources: BID: 40648

CREDITS

Cristofaro Mune

Trust: 0.3

sources: BID: 40648

EXTERNAL IDS

db:	NVD	id:	CVE-2010-1573	Trust: 0.3
db:	BID	id:	40648	Trust: 0.3

sources: BID: 40648

REFERENCES

url:	http://www.icysilence.org/?p=268	Trust: 0.3
url:	http://www.linksys.com/	Trust: 0.3

sources: BID: 40648

SOURCES

db:

BID

id:

40648

LAST UPDATE DATE

2022-07-27T09:59:18.604000+00:00

SOURCES UPDATE DATE

db:

BID

id:

40648

date:

2015-04-13T21:02:00

SOURCES RELEASE DATE

db:

BID

id:

40648

date:

2010-06-08T00:00:00