CyberSec.Space Logo
Back to CVE Browser

CVE-2004-2606

HIGH
7.5
CVSS Severity Score
EPSS Score0.0770%
EPSS Percentile12.87th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.

Affected Platforms (CPE)

πŸ”Œ
Linksys

Befsr41 V3

All versions
πŸ”Œ
Linksys

Wrt54g

= 2.02.7

References & Advisories

πŸ”— ftp://ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_beta.zip
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-05/0316.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-06/0002.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-06/0020.html
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2004-06/0190.html
πŸ”— http://secunia.com/advisories/11754
πŸ”— http://web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.asp?fwid=201
πŸ”— http://www.nwfusion.com/news/2004/0607confuse.html

Related Vulnerabilities

CVE-2002-215910.0

Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remot...

CVE-2002-01096.4

Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive in...

CVE-2001-11175.0

LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration an...

CVE-2002-12365.0

The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to ...