Vulnerability Note VU#528993
Linksys WVC54GC wireless video camera vulnerable to information disclosure
The Linksys WVC54GC wireless video camera insecurely sends initial configuration information over the network, which can allow a remote, unauthenticated attacker to intercept video streams, access wireless network authentication credentials, modify the device firmware, or cause a denial-of-service to the video camera.
The Linksys WVC54GC wireless video camera uses 916/udp for remote management commands. When a certain packet is delivered to that port, the device responds with a packet that contains the majority of the device's configuration. This packet includes details such as username, password, wireless ssid, WEP key, WEP password, WPA key, and DNS server. This packet is sent over the network unencrypted, which can allow an attacker to obtain these details.
By delivering a specially crafted packet to 916/udp of an affected device, a remote, unauthenticated attacker may be able to obtain information to intercept video streams, access wireless network authentication credentials, modify the device firmware, or cause a denial-of-service to the video camera.
Apply an update
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Linksys (A division of Cisco Systems)||Affected||15 Aug 2008||05 Dec 2008|
CVSS Metrics (Learn More)
Thanks to Andre Protas of eEye for reporting this vulnerability, who in turn also credits Greg Linares of eEye.
This document was written by Will Dormann.
- CVE IDs: CVE-2008-4390
- Date Public: 03 Jan 2008
- Date First Published: 05 Dec 2008
- Date Last Updated: 05 Dec 2008
- Severity Metric: 1.59
- Document Revision: 8
If you have feedback, comments, or additional information about this vulnerability, please send us email.