VAR-200909-0578
Vulnerability from variot - Updated: 2022-05-17 22:40The Linksys WRT54GC is a small wireless router from Cisco. The diagnostics.cgi script of the WRT54GC router failed to properly validate the HTTP request submitted by the user. The remote attacker could inject arbitrary script code or cause a denial of service by including malicious ping_address and raceroute_address parameters in the request. Other attacks are also possible. This issue affects Linksys WRT54GC running firmware 1.01.5 and 1.00.7. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: Linksys WRT54GC Cross-Site Request Forgery Vulnerability
SECUNIA ADVISORY ID: SA36921
VERIFY ADVISORY: http://secunia.com/advisories/36921/
DESCRIPTION: VenturoLab Team has reported a vulnerability in Linksys WRT54GC, which can be exploited by malicious people to conduct cross-site request forgery attacks.
The diagnostics.cgi script allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g.
The vulnerability is reported in firmware version 1.01.5 and 1.00.7. Other versions may also be affected.
SOLUTION: Do not visit other websites while being logged-in to the Linksys administration interface.
PROVIDED AND/OR DISCOVERED BY: VenturoLab Team
ORIGINAL ADVISORY: http://venturolab.pl/index.php/2009/09/30/opis-bledu-w-routerze-linksys-wrt54gc/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200909-0578",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt54gc",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1.5"
},
{
"model": "wrt54gc",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0.7"
},
{
"model": "wrt54gc",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.1.5"
},
{
"model": "wrt54gc",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.0.7"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
},
{
"db": "BID",
"id": "36599"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VenturoLab",
"sources": [
{
"db": "BID",
"id": "36599"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2009-5256",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2009-5256",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Linksys WRT54GC is a small wireless router from Cisco. The diagnostics.cgi script of the WRT54GC router failed to properly validate the HTTP request submitted by the user. The remote attacker could inject arbitrary script code or cause a denial of service by including malicious ping_address and raceroute_address parameters in the request. Other attacks are also possible. \nThis issue affects Linksys WRT54GC running firmware 1.01.5 and 1.00.7. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nLinksys WRT54GC Cross-Site Request Forgery Vulnerability\n\nSECUNIA ADVISORY ID:\nSA36921\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36921/\n\nDESCRIPTION:\nVenturoLab Team has reported a vulnerability in Linksys WRT54GC,\nwhich can be exploited by malicious people to conduct cross-site\nrequest forgery attacks. \n\nThe diagnostics.cgi script allows users to perform certain actions\nvia HTTP requests without performing any validity checks to verify\nthe requests. This can be exploited to e.g. \n\nThe vulnerability is reported in firmware version 1.01.5 and 1.00.7. \nOther versions may also be affected. \n\nSOLUTION:\nDo not visit other websites while being logged-in to the Linksys\nadministration interface. \n\nPROVIDED AND/OR DISCOVERED BY:\nVenturoLab Team\n\nORIGINAL ADVISORY:\nhttp://venturolab.pl/index.php/2009/09/30/opis-bledu-w-routerze-linksys-wrt54gc/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
},
{
"db": "BID",
"id": "36599"
},
{
"db": "PACKETSTORM",
"id": "81832"
}
],
"trust": 0.9
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "36599",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "36921",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2009-5256",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "81832",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
},
{
"db": "BID",
"id": "36599"
},
{
"db": "PACKETSTORM",
"id": "81832"
}
]
},
"id": "VAR-200909-0578",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
}
],
"trust": 1.20416665
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
}
]
},
"last_update_date": "2022-05-17T22:40:16.975000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "http://secunia.com/advisories/36921/"
},
{
"trust": 0.4,
"url": "http://venturolab.pl/index.php/2009/09/30/opis-bledu-w-routerze-linksys-wrt54gc/"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
},
{
"db": "BID",
"id": "36599"
},
{
"db": "PACKETSTORM",
"id": "81832"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
},
{
"db": "BID",
"id": "36599"
},
{
"db": "PACKETSTORM",
"id": "81832"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2009-5256"
},
{
"date": "2009-09-30T00:00:00",
"db": "BID",
"id": "36599"
},
{
"date": "2009-10-06T15:00:36",
"db": "PACKETSTORM",
"id": "81832"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2009-5256"
},
{
"date": "2009-10-06T18:19:00",
"db": "BID",
"id": "36599"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "36599"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT54GC Router HTTP Request Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2009-5256"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "36599"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…