US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

Linksys (A division of Cisco Systems) Information for VU#528993

Date Notified:2008-08-15
Date Updated:2008-12-05
Statement Date:
Status Summary:Vulnerable

Vendor Statement

Vulnerability 1: Remote Sensitive Information Disclosure

    Description: Data under "setup wizard" communication are not encrypted.
    Camera settings will be visible by using packet capture tools.
    Solution: 2300 and 210 have encrypted data and have no such issue. To decode the data, an administrator username/password is a MUST.

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Addendum

    This vulnerability is addressed in WVC54GC firmware version 1.25. Please see the release notes for more details.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.
     

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information