Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linksys vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2009-5140
The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote malicious users to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
Linksys Spa2102 Firmware -
NA
CVE-2007-5411
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the From header in a SIP message.
Linksys Spa941
1 EDB exploit
9.8
CVSSv3
CVE-2010-1573
Linksys WAP54Gv3 firmware 3.04.03 and previous versions uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote malicious users to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameter...
Linksys Wap54g Firmware
7.2
CVSSv3
CVE-2022-43970
A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitra...
Linksys Wrt54gl Firmware
7.5
CVSSv3
CVE-2022-43972
A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST reque...
Linksys Wrt54gl Firmware
7.2
CVSSv3
CVE-2022-43973
An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with ad...
Linksys Wrt54gl Firmware
NA
CVE-2007-6707
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and previous versions firmware allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574.
Linksys Wag54gs
NA
CVE-2007-6709
The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and previous versions firmware has "admin" as its default password for the "admin" account, which makes it easier for remote malicious users to obtain access.
Linksys Wag54gs
NA
CVE-2008-1247
The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote malicious users to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) c...
Linksys Wrt54g
1 EDB exploit
NA
CVE-2008-1263
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
Linksys Wrt54g
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »