cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-8408,https://securityvulnerability.io/vulnerability/CVE-2024-8408,Stack-Based Buffer Overflow in Linksys WRT54G,"A significant vulnerability exists in Linksys WRT54G version 4.21.5, specifically within the validate_services_port function of the apply.cgi component. This flaw allows for stack-based buffer overflow triggered by manipulation of the services_array argument. The vulnerability can be exploited remotely, potentially exposing systems to malicious attacks. Despite early disclosures to the vendor regarding this issue, there has been no response. As public knowledge increases, the risk of exploitation remains a pressing concern for affected users.",Linksys,Wrt54g Firmware,9.8,CRITICAL,0.0023399998899549246,false,false,false,false,,false,false,2024-09-04T14:15:00.000Z,0
CVE-2008-1263,https://securityvulnerability.io/vulnerability/CVE-2008-1263,,"The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.",Linksys,Wrt54g,,,0.001230000052601099,false,false,false,false,,false,false,2008-03-10T17:00:00.000Z,0
CVE-2008-1247,https://securityvulnerability.io/vulnerability/CVE-2008-1247,,"The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri.  NOTE: the Security.tri vector is already covered by CVE-2006-5202.",Linksys,Wrt54g,,,0.1379999965429306,false,false,false,false,,false,false,2008-03-10T17:00:00.000Z,0
CVE-2008-1265,https://securityvulnerability.io/vulnerability/CVE-2008-1265,,The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.,Linksys,Wrt54g,,,0.014030000194907188,false,false,false,false,,false,false,2008-03-10T17:00:00.000Z,0
CVE-2008-1268,https://securityvulnerability.io/vulnerability/CVE-2008-1268,,"The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.",Linksys,Wrt54g,,,0.01095999963581562,false,false,false,false,,false,false,2008-03-10T17:00:00.000Z,0
CVE-2008-1264,https://securityvulnerability.io/vulnerability/CVE-2008-1264,,"The Linksys WRT54G router has ""admin"" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.",Linksys,Wrt54g,,,0.010809999890625477,false,false,false,false,,false,false,2008-03-10T17:00:00.000Z,0
CVE-2006-5202,https://securityvulnerability.io/vulnerability/CVE-2006-5202,,"Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.",Linksys,Wrt54g,,,0.053780000656843185,false,false,false,false,,false,false,2006-10-10T04:06:00.000Z,0
CVE-2006-2559,https://securityvulnerability.io/vulnerability/CVE-2006-2559,,"Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.",Linksys,"Wrt54g,Wrt54g V5",,,0.009030000306665897,false,false,false,false,,false,false,2006-05-24T01:00:00.000Z,0
CVE-2006-1067,https://securityvulnerability.io/vulnerability/CVE-2006-1067,,"Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value.",Linksys,Wrt54g V5,,,0.046879999339580536,false,false,false,false,,false,false,2006-03-07T22:00:00.000Z,0
CVE-2005-2799,https://securityvulnerability.io/vulnerability/CVE-2005-2799,,"Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.",Linksys,Wrt54g,,,0.7561299800872803,false,false,false,false,,false,false,2005-09-15T20:03:00.000Z,0
CVE-2005-2912,https://securityvulnerability.io/vulnerability/CVE-2005-2912,,Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value.,Linksys,Wrt54g,,,0.0027099999133497477,false,false,false,false,,false,false,2005-09-14T21:03:00.000Z,0
CVE-2005-2914,https://securityvulnerability.io/vulnerability/CVE-2005-2914,,"ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration.",Linksys,Wrt54g,,,0.007300000172108412,false,false,false,false,,false,false,2005-09-14T21:03:00.000Z,0
CVE-2005-2916,https://securityvulnerability.io/vulnerability/CVE-2005-2916,,"Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.",Linksys,Wrt54g,,,0.0023499999660998583,false,false,false,false,,false,false,2005-09-14T21:03:00.000Z,0
CVE-2005-2915,https://securityvulnerability.io/vulnerability/CVE-2005-2915,,"ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914.",Linksys,Wrt54g,,,0.0014600000577047467,false,false,false,false,,false,false,2005-09-14T04:00:00.000Z,0
CVE-2005-2434,https://securityvulnerability.io/vulnerability/CVE-2005-2434,,"Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information.",Linksys,Wrt54g,,,0.008150000125169754,false,false,false,false,,false,false,2005-08-03T04:00:00.000Z,0
CVE-2004-2606,https://securityvulnerability.io/vulnerability/CVE-2004-2606,,"The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.",Linksys,"Wrt54g,Befsr41 V3",,,0.02215000055730343,false,false,false,false,,false,false,2004-12-31T05:00:00.000Z,0
CVE-2004-0580,https://securityvulnerability.io/vulnerability/CVE-2004-0580,,"DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.",Linksys,"Befsr11,Befvp41,Befcmu10,Wap55ag,Befsr81,Befsru31,Befsr41w,Befsr41,Befsx41,Befn2ps4,Rv082,Wrt54g",,,0.026900000870227814,false,false,false,false,,false,false,2004-08-06T04:00:00.000Z,0