Details of VAR-200803-0059

ID

VAR-200803-0059

CVE

CVE-2008-1263

TITLE

Linksys WRT54G Vulnerability to obtain important information in router

Trust: 0.8

sources: JVNDB: JVNDB-2008-004204

DESCRIPTION

The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI. Linksys WRT54G Router is prone to a information disclosure vulnerability

Trust: 1.98

sources: NVD: CVE-2008-1263 // JVNDB: JVNDB-2008-004204 // BID: 85074 // VULHUB: VHN-31388

AFFECTED PRODUCTS

vendor:	linksys	model:	wrt54g	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco linksys	model:	wrt54g	scope:	-	version:	-	Trust: 0.8
vendor:	linksys	model:	wrt54g	scope:	-	version:	-	Trust: 0.6
vendor:	linksys	model:	wrt54g	scope:	eq	version:	0	Trust: 0.3

sources: BID: 85074 // JVNDB: JVNDB-2008-004204 // CNNVD: CNNVD-200803-141 // NVD: CVE-2008-1263

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-1263
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2008-1263
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200803-141
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-31388
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2008-1263
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-31388
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-31388 // JVNDB: JVNDB-2008-004204 // CNNVD: CNNVD-200803-141 // NVD: CVE-2008-1263

PROBLEMTYPE DATA

problemtype:

CWE-310

Trust: 1.9

sources: VULHUB: VHN-31388 // JVNDB: JVNDB-2008-004204 // NVD: CVE-2008-1263

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200803-141

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-200803-141

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-004204

PATCH

title:

Linksys

url:

http://home.cisco.com/en-apac/home

Trust: 0.8

sources: JVNDB: JVNDB-2008-004204

EXTERNAL IDS

db:	NVD	id:	CVE-2008-1263	Trust: 2.8
db:	XF	id:	41115	Trust: 0.9
db:	JVNDB	id:	JVNDB-2008-004204	Trust: 0.8
db:	CNNVD	id:	CNNVD-200803-141	Trust: 0.7
db:	BUGTRAQ	id:	20080301 THE ROUTER HACKING CHALLENGE IS OVER!	Trust: 0.6
db:	BID	id:	85074	Trust: 0.4
db:	VULHUB	id:	VHN-31388	Trust: 0.1

sources: VULHUB: VHN-31388 // BID: 85074 // JVNDB: JVNDB-2008-004204 // CNNVD: CNNVD-200803-141 // NVD: CVE-2008-1263

REFERENCES

url:	http://www.gnucitizen.org/projects/router-hacking-challenge/	Trust: 2.0
url:	http://www.securityfocus.com/archive/1/489009/100/0/threaded	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/41115	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/41115	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1263	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1263	Trust: 0.8

sources: VULHUB: VHN-31388 // BID: 85074 // JVNDB: JVNDB-2008-004204 // CNNVD: CNNVD-200803-141 // NVD: CVE-2008-1263

CREDITS

Unknown

Trust: 0.3

sources: BID: 85074

SOURCES

db:	VULHUB	id:	VHN-31388
db:	BID	id:	85074
db:	JVNDB	id:	JVNDB-2008-004204
db:	CNNVD	id:	CNNVD-200803-141
db:	NVD	id:	CVE-2008-1263

LAST UPDATE DATE

2025-04-10T22:45:37.512000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-31388	date:	2018-10-11T00:00:00
db:	BID	id:	85074	date:	2008-03-10T00:00:00
db:	JVNDB	id:	JVNDB-2008-004204	date:	2012-09-25T00:00:00
db:	CNNVD	id:	CNNVD-200803-141	date:	2008-09-05T00:00:00
db:	NVD	id:	CVE-2008-1263	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-31388	date:	2008-03-10T00:00:00
db:	BID	id:	85074	date:	2008-03-10T00:00:00
db:	JVNDB	id:	JVNDB-2008-004204	date:	2012-09-25T00:00:00
db:	CNNVD	id:	CNNVD-200803-141	date:	2008-03-10T00:00:00
db:	NVD	id:	CVE-2008-1263	date:	2008-03-10T17:44:00