CVE-2008-1263

Published Mar 10, 2008

Last updated 6 years ago

Overview

Description: The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-310

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:linksys:wrt54g:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBBECE9D-7805-4521-A0B1-15F2755312B8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References