Details of VAR-200509-0095

ID

VAR-200509-0095

CVE

CVE-2005-2914

TITLE

Linksys WRT54G Configuration Information Disclosure Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200509-134

DESCRIPTION

ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. WRT54G v1.0 is prone to a remote security vulnerability. Linksys WRT54G is a Cisco wireless router

Trust: 1.26

sources: NVD: CVE-2005-2914 // BID: 89353 // VULHUB: VHN-14123

AFFECTED PRODUCTS

vendor:	linksys	model:	wrt54g	scope:	eq	version:	3.01.3	Trust: 1.6
vendor:	linksys	model:	wrt54g	scope:	eq	version:	3.03.6	Trust: 1.6
vendor:	linksys	model:	wrt54g	scope:	eq	version:	2.04.4	Trust: 1.6
vendor:	linksys	model:	wrt54g	scope:	eq	version:	v3.03.3.6	Trust: 0.3

sources: BID: 89353 // CNNVD: CNNVD-200509-134 // NVD: CVE-2005-2914

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-2914
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200509-134
value:	HIGH
Trust: 0.6
VULHUB:	VHN-14123
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-2914
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-14123
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-14123 // CNNVD: CNNVD-200509-134 // NVD: CVE-2005-2914

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2914

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200509-134

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200509-134

EXTERNAL IDS

db:	NVD	id:	CVE-2005-2914	Trust: 2.0
db:	CNNVD	id:	CNNVD-200509-134	Trust: 0.7
db:	IDEFENSE	id:	20050913 LINKSYS WRT54G ROUTER REMOTE ADMINISTRATION FIXED ENCRYPTION KEY VULNERABILITY	Trust: 0.6
db:	BID	id:	89353	Trust: 0.3
db:	VULHUB	id:	VHN-14123	Trust: 0.1

sources: VULHUB: VHN-14123 // BID: 89353 // CNNVD: CNNVD-200509-134 // NVD: CVE-2005-2914

REFERENCES

url:	http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities	Trust: 1.9
url:	http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities	Trust: 0.1

sources: VULHUB: VHN-14123 // BID: 89353 // CNNVD: CNNVD-200509-134 // NVD: CVE-2005-2914

CREDITS

Unknown

Trust: 0.3

sources: BID: 89353

SOURCES

db:	VULHUB	id:	VHN-14123
db:	BID	id:	89353
db:	CNNVD	id:	CNNVD-200509-134
db:	NVD	id:	CVE-2005-2914

LAST UPDATE DATE

2025-04-03T22:16:33.132000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-14123	date:	2008-09-05T00:00:00
db:	BID	id:	89353	date:	2016-07-06T14:34:00
db:	CNNVD	id:	CNNVD-200509-134	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-2914	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-14123	date:	2005-09-14T00:00:00
db:	BID	id:	89353	date:	2005-09-14T00:00:00
db:	CNNVD	id:	CNNVD-200509-134	date:	2005-09-14T00:00:00
db:	NVD	id:	CVE-2005-2914	date:	2005-09-14T21:03:00