Wrt54g

wrt54g

Vendor: Linksys • 16 CVEs

CVEs (16)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-4499 2Cisco Linksys 4Linksys Wrt54g Router Firmware Linksys Wrt54gs Router FirmwareWrt54g+1 more Apr 29, 2026 Nov 22, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote...Show more The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.Show less
CVE-2008-1268 1Linksys 1Wrt54g Apr 23, 2026 Mar 10, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
CVE-2008-1265 1Linksys 1Wrt54g Apr 23, 2026 Mar 10, 2008 N/A· v4 N/A· v3 7.8 HIGH· v2 The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.
CVE-2008-1264 1Linksys 1Wrt54g Apr 23, 2026 Mar 10, 2008 N/A· v4 N/A· v3 7.5 HIGH· v2 The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.
CVE-2008-1263 1Linksys 1Wrt54g Apr 23, 2026 Mar 10, 2008 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
CVE-2008-1247 1Linksys 1Wrt54g Apr 23, 2026 Mar 10, 2008 N/A· v4 N/A· v3 10.0 HIGH· v2 The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1...Show more The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202.Show less
CVE-2006-5202 1Linksys 1Wrt54g Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using...Show more Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.Show less
CVE-2006-2559 1Linksys 2Wrt54g Wrt54g V5 Apr 16, 2026 May 24, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as...Show more Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.Show less
CVE-2005-2799 1Linksys 1Wrt54g Apr 16, 2026 Sep 15, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.
CVE-2005-2916 1Linksys 1Wrt54g Apr 16, 2026 Sep 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify conf...Show more Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.Show less
CVE-2005-2915 1Linksys 1Wrt54g Apr 16, 2026 Sep 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which co...Show more ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914.Show less
CVE-2005-2914 1Linksys 1Wrt54g Apr 16, 2026 Sep 14, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain en...Show more ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration.Show less
CVE-2005-2912 1Linksys 1Wrt54g Apr 16, 2026 Sep 14, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value.
CVE-2005-2434 1Linksys 1Wrt54g Apr 16, 2026 Aug 3, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information.
CVE-2004-2606 1Linksys 2Befsr41 V3 Wrt54g Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote a...Show more The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.Show less
CVE-2004-0580 1Linksys 12Befcmu10 Befn2ps4Befsr11+9 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain...Show more DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.Show less