Linksys Wireless Router < 4.20.7 Multiple Vulnerabilities (deprecated)

high Nessus Network Monitor Plugin ID 3221

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running a Linksys wireless router. This version of the router is vulnerable to multiple remote flaws. An attacker exploiting these flaws would need to be on the internal network and have the ability to craft HTTP requests to the default Linksys web server. Successful exploitation would result in the remote attacker gaining administrative access.

Solution

Upgrade the firmware to version 4.20.7 or higher.

Plugin Details

Severity: High

ID: 3221

Family: Web Servers

Published: 9/13/2005

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 8.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Reference Information

CVE: CVE-2005-2916

BID: 14822