- Description
- The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:befsr41_v3:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F40051A-D45C-4121-ACC8-08EE711B3256"
},
{
"criteria": "cpe:2.3:h:linksys:wrt54g:2.02.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BD5B2C5-E393-45E4-B847-4CFF7DA972B2"
}
],
"operator": "OR"
}
]
}
]