CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-1268

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0660%
EPSS Percentile32.36th
Published2008年3月10日
Last Modified2026年4月23日

Vulnerability Description

The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.

Affected Platforms (CPE)

🔌
Linksys

Wrt54g

= 7

References & Advisories

🔗 http://swbae.egloos.com/1701135
🔗 http://www.gnucitizen.org/projects/router-hacking-challenge/
🔗 http://www.securityfocus.com/archive/1/489009/100/0/threaded
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41119
🔗 http://swbae.egloos.com/1701135
🔗 http://www.gnucitizen.org/projects/router-hacking-challenge/
🔗 http://www.securityfocus.com/archive/1/489009/100/0/threaded
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/41119

関連する脆弱性情報

CVE-2008-124710.0

The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allo...

CVE-2008-12657.8

The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password t...

CVE-2005-27997.5

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers...

CVE-2004-26067.5

The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt t...