search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Linksys RT31P2 VoIP router denial of service vulnerabilities

Vulnerability Note VU#621566

Original Release Date: 2006-04-19 | Last Revised: 2006-05-05


The Linksys RT31P2 VoIP router contains several vulnerabilities that may allow a remote, unauthenticated attacker to cause a denial of service.


The Linksys RT31P2 is a broadband router that includes Voice over Internet Protocol (VoIP) telephone functionality. The RT31P2 unit fails to properly handle malformed Session Initiation Protocol (SIP) messages, which are used by VoIP.


A remote, unauthenticated attacker may be able to cause a denial-of-service condition. For example, when the phone is being used (off-hook), an attacker may be able to disrupt the call. When the phone is not being used (on-hook), an attacker may be able to cause the phone to stop working.


We are currently unaware of a practical solution to this problem. The RT31P2 has been discontinued by Linksys.

Vendor Information


Linksys (A division of Cisco Systems) Affected

Notified:  September 27, 2005 Updated: April 19, 2006



Vendor Statement

The product has been discontinued. All develoment for this product has been stoped as well. We will not be making any code modifications to this product as it has been put to end-of-life status by Linksys.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

CVSS Metrics

Group Score Vector



Thanks to Peter Thermos and Guy Hadsall of Palindrome Technologies for reporting this vulnerability.

This document was written by Will Dormann.

Other Information

CVE IDs: None
Severity Metric: 1.35
Date Public: 2006-04-19
Date First Published: 2006-04-19
Date Last Updated: 2006-05-05 00:49 UTC
Document Revision: 11

Sponsored by CISA.