Filtered by vendor Linksys
Subscriptions
Total
191 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2606 | 1 Linksys | 2 Befsr41 V3, Wrt54g | 2025-04-03 | N/A |
| The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled. | ||||
| CVE-2005-2799 | 1 Linksys | 1 Wrt54g | 2025-04-03 | N/A |
| Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. | ||||
| CVE-2004-0580 | 1 Linksys | 12 Befcmu10, Befn2ps4, Befsr11 and 9 more | 2025-04-03 | N/A |
| DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-1059 | 1 Linksys | 1 Wet11 | 2025-04-03 | N/A |
| Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original password via the data parameter to changepw.html. | ||||
| CVE-2005-2912 | 1 Linksys | 1 Wrt54g | 2025-04-03 | N/A |
| Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. | ||||
| CVE-2005-2914 | 1 Linksys | 1 Wrt54g | 2025-04-03 | N/A |
| ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. | ||||
| CVE-2005-2915 | 1 Linksys | 1 Wrt54g | 2025-04-03 | N/A |
| ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. | ||||
| CVE-2006-1067 | 1 Linksys | 1 Wrt54g V5 | 2025-04-03 | N/A |
| Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | ||||
| CVE-2006-2559 | 1 Linksys | 2 Wrt54g, Wrt54g V5 | 2025-04-03 | N/A |
| Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. | ||||
| CVE-2003-1497 | 1 Linksys | 1 Befsx41 | 2025-04-03 | N/A |
| Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. | ||||
| CVE-2005-2589 | 1 Linksys | 1 Wrt54gs | 2025-04-03 | N/A |
| Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. | ||||
| CVE-2005-2916 | 1 Linksys | 1 Wrt54g | 2025-04-03 | N/A |
| Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi. | ||||
| CVE-2001-0888 | 3 Atmel, Linksys, Netgear | 3 Firmware, Wap11, Me102 | 2025-04-03 | N/A |
| Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers to cause a denial of service via a SNMP request with (1) a community string other than "public" or (2) an unknown OID, which causes the WAP to deny subsequent SNMP requests. | ||||
| CVE-2001-0514 | 3 Atmel, Linksys, Netgear | 3 802.11b Vnet-b Access Point, Wap11, Me102 | 2025-04-03 | N/A |
| SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | ||||
| CVE-2002-2159 | 1 Linksys | 3 Befsr11, Befsr41, Befsru31 | 2025-04-03 | N/A |
| Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. | ||||
| CVE-2004-0312 | 1 Linksys | 1 Wap55ag | 2025-04-03 | N/A |
| Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2. | ||||
| CVE-2006-0309 | 1 Linksys | 1 Befvp41 | 2025-04-03 | N/A |
| Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length. | ||||
| CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2025-04-03 | N/A |
| LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | ||||
| CVE-2025-29226 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-04-01 | 6.3 Medium |
| In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["count"] parameter. | ||||
| CVE-2025-29227 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-04-01 | 6.3 Medium |
| In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter. | ||||