Linksys WRT54G routers do not properly validate user credentials before allowing configuration changes.
The Linksys WRT54G is a broadband router that has an integrated wireless access point and Ethernet switch. The WRT54G router's configuration settings are controlled by a web interface that uses either HTTP or HTTPS. Before viewing configuration files, an administrator needs to supply valid credentials.
The administrator's credentials are only used for viewing the device's configuration; the WRT54G does not require any credentials when making changes to configuration files. An attacker may be able to create a specially crafted web page that makes changes to the router's configuration when opened by anyone connected to the wireless or LAN ports of the router.
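The access-control pattern described above, modelled next to a corrected form. This is an added example, not Linksys firmware code and not part of the original note; the handler names, credentials, setting name and management address are constructed. The `Origin` check goes beyond the note and addresses the crafted-web-page vector it mentions.

```python
import base64
import hmac

ADMIN = b"admin:constructed-password"  # constructed sample credentials
DEVICE_ORIGIN = "http://192.168.1.1"   # assumed management address


def authenticated(headers):
    """Validate an HTTP Basic Authorization header in constant time."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme != "Basic":
        return False
    try:
        supplied = base64.b64decode(token, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return hmac.compare_digest(supplied, ADMIN)


def flawed_handler(method, headers, form, config):
    """Pattern from the advisory: credentials gate viewing only."""
    if method == "GET":
        return (200, dict(config)) if authenticated(headers) else (401, None)
    config.update(form)  # change applied with no credential check
    return 200, None


def hardened_handler(method, headers, form, config):
    """Authenticate every request and refuse cross-site state changes."""
    if not authenticated(headers):
        return 401, None
    if method == "GET":
        return 200, dict(config)
    if headers.get("Origin") != DEVICE_ORIGIN:
        return 403, None  # issued by a page served from another site
    config.update(form)
    return 200, None


def run_cases(handler):
    """Replay four constructed requests; return status codes and state."""
    config = {"wireless_security": "wpa2"}  # constructed setting name
    creds = {"Authorization": "Basic " + base64.b64encode(ADMIN).decode()}
    change = {"wireless_security": "disabled"}
    out = {"anon_view": handler("GET", {}, {}, config)[0],
           "anon_change": handler("POST", {}, change, config)[0]}
    out["after_anon"] = config["wireless_security"]
    out["cross_site"] = handler("POST", {**creds, "Origin": "http://other.example"}, change, config)[0]
    out["admin_change"] = handler("POST", {**creds, "Origin": DEVICE_ORIGIN}, change, config)[0]
    return out
```

`run_cases(flawed_handler)` shows the anonymous change succeeding while the anonymous view is refused; `run_cases(hardened_handler)` rejects both and also refuses an authenticated change that originates from another site.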
A remote, unauthenticated attacker could change the configuration of an affected router.
There is currently no practical solution available to this problem.
Disable remote access
This vulnerability was publicly reported by Ginsu Rabbit.
This document was written by Ryan Giobbi.
Date First Published: 2006-10-05
Date Last Updated: 2006-11-21 21:46 UTC