Linksys (A division of Cisco Systems) Information for VU#528993

Linksys WVC54GC wireless video camera vulnerable to information disclosure

Status

Affected

Vendor Statement

Vulnerability 1: Remote Sensitive Information Disclosure

    Description: Data under "setup wizard" communication are not encrypted.
    Camera settings will be visible by using packet capture tools.
    Solution: 2300 and 210 have encrypted data and have no such issue. To decode the data, an administrator username/password is a MUST.

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References

    None

    Addendum

    This vulnerability is addressed in WVC54GC firmware version 1.25. Please see the release notes for more details.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.