Description: Ginsu Rabbit has reported a vulnerability and a security issue in Linksys WRT54G, which can be exploited by malicious people to conduct cross-site request forgery attacks and manipulate the configuration.
1) An error in Security.tri, caused by missing authentication verification, can be exploited to modify sensitive configuration settings (e.g. to disable wireless security).
2) The web interface allows users to change the router configuration via HTTP requests without performing any validity checks to verify the user's request.
The vulnerability and the security issue have been reported in firmware version 1.00.9 on a V5 router. Other versions may also be affected.
Solution: Filter traffic to affected devices and do not visit untrusted web sites while logged in to the device.
Vulnerability #1 has reportedly been fixed in firmware version 1.00.10.
Provided and/or discovered by: Ginsu Rabbit
Changelog: 2006-10-06: Added US-CERT reference.
2006-10-12: Added CVE reference.
2006-11-20: Updated "Description" section. Added information about reported version. Updated "Solution" section.