Copyright (C) 2005-2013 Josh Zlatin-Amishav
The remote router is affected by multiple flaws.
The remote host appears to be a Linksys WRT54G Wireless Router.
The firmware version installed on the remote host is prone to several
- Execute arbitrary commands on the affected router with
root privilages. (CVE-2005-2916)
- Download and replace the configuration of affected
routers via a special POST request to the 'restore.cgi'
or 'upgrade.cgi' scripts. (CVE-2005-2799)
- Allow remote attackers to obtain encrypted configuration
information and, if the key is known, modify the
configuration. (CVE-2005-2914, CVE-2005-2915)
- Degrade the performance of affected devices and cause
the web server to become unresponsive, potentially
denying service to legitimate users. (CVE-2005-2912)
See also :
Upgrade to firmware version 4.20.7 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 10.0
Public Exploit Available : true
Nessus Plugin ID: 20096 (linksys_multiple_vulns.nasl)
Bugtraq ID: 14822
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now