|
|
CVE Reference: CVE-2005-2916 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-2916 |
|
|
Description: Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi. |
|
|
CVE Status: Candidate |
|
|
References: IDEFENSE http://www.idefense.com/application/poi/display?id=307&type=vulnerabilities http://www.idefense.com/application/poi/display?id=306&type=vulnerabilities |
|
| Return to the previous page. |
