Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:OVERFLOW:LINKSYS-APPLY |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Cisco Linksys WRT54G apply.cgi POST Request Overflow |
Release Date |
2013/06/04 |
Update Number |
2269 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Cisco Linksys WRT54G apply.cgi POST Request Overflow
This signature detects attempts to exploit a known vulnerability against the linksys apply.cgi. A successful attack can lead to arbitrary remote code execution.
Extended Description
Multiple vulnerabilities have been identified in Linksys WRT54G routers. These issue all require that an attacker have access to either the wireless, or internal LAN network segments of the affected device. Exploitation from the WAN interface is only possible if the affected device has remote management enabled. This issue allows attackers to: - Download and replace the configuration of affected routers. - Execute arbitrary machine code in the context of the affected device. - Utilize HTTP POST requests to upload router configuration and firmware files without proper authentication - Degrade the performance of affected devices and cause the Web server to become unresponsive, potentially denying service to legitimate users.
Affected Products
- Linksys wpc300n-wireless-n_notebook_adapter 4.100.15.5
- Linksys wrt54g_v2.0 2.0.0 0.8 (Firmware)
- Linksys wrt54g_v2.0 2.0.0 2.8 Beta(Firmware)
- Linksys wrt54g_v2.0 2.4.4 (Firmware)
- Linksys wrt54g_v3.0 3.1.3 (Firmware)
- Linksys wrt54g_v3.0 3.3.6 (Firmware)
- Linksys wrt54g_v4.0 4.0.7 (Firmware)
- Linksys wrt54g_v4.0 4.20.6 (Firmware)
References
- BugTraq: 14822
- CVE: CVE-2005-2799