SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips
 

Vulnerability Note VU#930364

Linksys WRT54G routers do not properly validate user credentials

Overview

Linksys WRT54G routers do not properly validate user credentials before allowing configuration changes.

I. Description

The Linksys WRTG54G is a broadband router that has an integrated wireless access point and ethernet switch. The WRT54G router's configuration settings are controlled by a web interface that uses either HTTP or HTTPS. Before viewing configuration files, an administrator needs to supply valid credentials.

The administrator's credentials are only used for viewing the device's configuration; the WRT54G does not require any credentials when making changes to configuration files. An attacker may be able to create a specially crafted web page that makes changes to the router's configuration when opened by anyone connected to the wireless or LAN ports of the router.

The remote access feature on Linksys routers allows administration of the router from the WAN port. If remote administration is enabled on an affected device, an attacker on the Internet may be able to exploit this vulnerability by sending malformed commands to the web interface.

II. Impact

A remote, unauthenticated attacker could change the configuration of an affected router.

III. Solution

There is currently no practical solution available to this problem.

Disable remote access
Disabling remote access may help mitigate this vulnerability.

Do not open untrusted links
An attacker may be able to create a specially crafted URL or HTML page that exploits this vulnerability. Do not open or follow untrusted hyperlinks sent through email or instant messages.

Secure your wireless network
Restricting access to your wireless network may also mitigate this vulnerability. US-CERT Cyber Security Tip ST05-003 has instructions on how to secure your wireless network.

Systems Affected

VendorStatusDate Updated
Linksys (A division of Cisco Systems)Vulnerable21-Nov-2006

References


http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048495.html
http://secunia.com/advisories/21372/

Credit

This vulnerability was publicly reported by Ginsu Rabbit.

This document was written by Ryan Giobbi.

Other Information

Date Public08/07/2006
Date First Published10/05/2006 10:08:45 AM
Date Last Updated11/21/2006
CERT Advisory 
CVE Name 
US-CERT Technical Alerts 
Metric1.98
Document Revision51

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2006 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader