CVE-2008-1263

Published: Mar 10, 2008Modified: Apr 23, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.

Affected (1)

Products: Linksys: Wrt54g

Linksys

1 product

Wrt54g

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linksys Wrt54g	All versions

Related CWEs

CWE-310

References (6)

http://www.gnucitizen.org/projects/router-hacking-challenge/

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/489009/100/0/threaded

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41115

Source: cve@mitre.org

http://www.gnucitizen.org/projects/router-hacking-challenge/

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/archive/1/489009/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/41115

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.