Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linksys vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2007-2270
The Linksys SPA941 VoIP Phone allows remote malicious users to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.
Linksys Spa941
2 EDB exploits
4.3
CVSSv2
CVE-2008-1243
Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote malicious users to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.
Linksys Wrt300n
4
CVSSv2
CVE-2008-1263
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
Linksys Wrt54g
5
CVSSv2
CVE-2005-2434
Linksys WRT54G router uses the same private key and certificate for every router, which allows remote malicious users to sniff the SSL connection and obtain sensitive information.
Linksys Wrt54g
4.3
CVSSv2
CVE-2009-5140
The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote malicious users to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
Linksys Spa2102 Firmware -
10
CVSSv2
CVE-2010-1573
Linksys WAP54Gv3 firmware 3.04.03 and previous versions uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote malicious users to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameter...
Linksys Wap54g Firmware
7.8
CVSSv2
CVE-2008-1265
The Linksys WRT54G router allows remote malicious users to cause a denial of service (device restart) via a long username and password to the FTP interface.
Linksys Wrt54g
4.3
CVSSv2
CVE-2007-5411
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the From header in a SIP message.
Linksys Spa941
1 EDB exploit
7.5
CVSSv2
CVE-2002-0426
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router prior to 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for malicious users to crack the keys.
Linksys Befvp41
7.2
CVSSv2
CVE-2019-7311
An issue exists on Linksys WRT1900ACS 1.0.3.187766 devices. A lack of encryption in how the user login cookie (admin-auth) is stored on a victim's computer results in the admin password being discoverable by a local attacker, and usable to gain administrative access to the v...
Linksys Wrt1900acs Firmware 1.0.3.187766
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »