Sign-up

ID

VAR-200803-0060


CVE

CVE-2008-1264


TITLE

Linksys WRT54G In the router nvram.cfg Vulnerability to access important files such as

Trust: 0.8

sources: JVNDB: JVNDB-2008-004205

DESCRIPTION

The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file. Linksys WRT54G Router is prone to a remote security vulnerability

Trust: 1.98

sources: NVD: CVE-2008-1264 // JVNDB: JVNDB-2008-004205 // BID: 85075 // VULHUB: VHN-31389

AFFECTED PRODUCTS

vendor:linksysmodel:wrt54gscope:eqversion:*

Trust: 1.0

vendor:cisco linksysmodel:wrt54gscope: - version: -

Trust: 0.8

vendor:linksysmodel:wrt54gscope: - version: -

Trust: 0.6

vendor:linksysmodel:wrt54gscope:eqversion:0

Trust: 0.3

sources: BID: 85075 // JVNDB: JVNDB-2008-004205 // CNNVD: CNNVD-200803-142 // NVD: CVE-2008-1264

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-1264
value: HIGH

Trust: 1.0

NVD: CVE-2008-1264
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200803-142
value: HIGH

Trust: 0.6

VULHUB: VHN-31389
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-1264
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-31389
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-31389 // JVNDB: JVNDB-2008-004205 // CNNVD: CNNVD-200803-142 // NVD: CVE-2008-1264

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-31389 // JVNDB: JVNDB-2008-004205 // NVD: CVE-2008-1264

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200803-142

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-200803-142

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-004205

PATCH
title:Linksysurl:http://home.cisco.com/en-apac/home
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-004205

EXTERNAL IDS
db:NVDid:CVE-2008-1264
Trust: 2.8
db:XFid:41126
Trust: 0.9
db:JVNDBid:JVNDB-2008-004205
Trust: 0.8
db:CNNVDid:CNNVD-200803-142
Trust: 0.7
db:XFid:54
Trust: 0.6
db:BUGTRAQid:20080301 THE ROUTER HACKING CHALLENGE IS OVER!
Trust: 0.6
db:BIDid:85075
Trust: 0.4
db:VULHUBid:VHN-31389
Trust: 0.1
sources:
            
            
            VULHUB: VHN-31389 // 
            
            
            
            BID: 85075 // 
            
            
            
            JVNDB: JVNDB-2008-004205 // 
            
            
            
            CNNVD: CNNVD-200803-142 // 
            
            
            
            NVD: CVE-2008-1264

REFERENCES
url:http://www.gnucitizen.org/projects/router-hacking-challenge/
Trust: 2.0
url:http://www.securityfocus.com/archive/1/489009/100/0/threaded
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/41126
Trust: 1.1
url:http://xforce.iss.net/xforce/xfdb/41126
Trust: 0.9
url:http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1264
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1264
Trust: 0.8
sources:
            
            
            VULHUB: VHN-31389 // 
            
            
            
            BID: 85075 // 
            
            
            
            JVNDB: JVNDB-2008-004205 // 
            
            
            
            CNNVD: CNNVD-200803-142 // 
            
            
            
            NVD: CVE-2008-1264

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 85075

SOURCES
db:VULHUBid:VHN-31389
db:BIDid:85075
db:JVNDBid:JVNDB-2008-004205
db:CNNVDid:CNNVD-200803-142
db:NVDid:CVE-2008-1264

LAST UPDATE DATE
2025-04-10T19:31:44.980000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-31389date:2018-10-11T00:00:00
db:BIDid:85075date:2008-03-10T00:00:00
db:JVNDBid:JVNDB-2008-004205date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200803-142date:2008-09-05T00:00:00
db:NVDid:CVE-2008-1264date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-31389date:2008-03-10T00:00:00
db:BIDid:85075date:2008-03-10T00:00:00
db:JVNDBid:JVNDB-2008-004205date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200803-142date:2008-03-10T00:00:00
db:NVDid:CVE-2008-1264date:2008-03-10T17:44:00