ID
VAR-190001-0079
TITLE
Linksys WAG54GS Wireless Router Cross-Site Request Forgery Vulnerability
Trust: 0.9
DESCRIPTION
The Linksys WAG54GS Wireless Router is a wireless router device. A cross-site request forgery vulnerability exists in the Linksys WAG54GS Wireless Router. Because the program fails to properly validate user-submitted requests, an attacker can build a malicious URI, trick the user into parsing, and run privileged commands on the device, such as changing the configuration, performing a denial of service attack, or injecting arbitrary script code. Other attacks are also possible. Linksys WAG54GS running firmware 1.01.03 is vulnerable
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | linksys | model: | wag54gs | scope: | eq | version: | 1.01.03 | Trust: 0.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
cross-site request forgery
Trust: 0.6
EXTERNAL IDS
| db: | BID | id: | 52105 | Trust: 1.5 |
| db: | CNVD | id: | CNVD-2012-0815 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201202-434 | Trust: 0.6 |
REFERENCES
| url: | http://www.securityfocus.com/bid/52105/ | Trust: 0.6 |
| url: | http://www.securityfocus.com/bid/52105 | Trust: 0.6 |
| url: | http://www.linksys.com/ | Trust: 0.3 |
CREDITS
Ivano Binetti
Trust: 0.9
SOURCES
| db: | CNVD | id: | CNVD-2012-0815 |
| db: | BID | id: | 52105 |
| db: | CNNVD | id: | CNNVD-201202-434 |
LAST UPDATE DATE
2022-05-17T02:02:15.981000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2012-0815 | date: | 2012-02-23T00:00:00 |
| db: | BID | id: | 52105 | date: | 2012-02-21T00:00:00 |
| db: | CNNVD | id: | CNNVD-201202-434 | date: | 2012-02-23T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2012-0815 | date: | 2012-02-23T00:00:00 |
| db: | BID | id: | 52105 | date: | 2012-02-21T00:00:00 |
| db: | CNNVD | id: | CNNVD-201202-434 | date: | 1900-01-01T00:00:00 |