Details of VAR-200809-0436

ID

VAR-200809-0436

CVE

CVE-2008-4296

TITLE

Cisco Linksys WRT350N Default password vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2008-001998

DESCRIPTION

The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. Provided by Cisco Systems Cisco Linksys WRT350N Contains a default password vulnerability. Linksys Wrt350n is prone to a remote security vulnerability

Trust: 1.98

sources: NVD: CVE-2008-4296 // JVNDB: JVNDB-2008-001998 // BID: 84819 // VULHUB: VHN-34421

AFFECTED PRODUCTS

vendor:	cisco	model:	linksys wrt350n	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	linksys wrt350n	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	linksys wrt350n	scope:	eq	version:	0	Trust: 0.3

sources: BID: 84819 // JVNDB: JVNDB-2008-001998 // CNNVD: CNNVD-200809-394 // NVD: CVE-2008-4296

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-4296
value:	HIGH
Trust: 1.0
NVD:	CVE-2008-4296
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200809-394
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-34421
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2008-4296
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-34421
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-34421 // JVNDB: JVNDB-2008-001998 // CNNVD: CNNVD-200809-394 // NVD: CVE-2008-4296

PROBLEMTYPE DATA

problemtype:

CWE-255

Trust: 1.9

sources: VULHUB: VHN-34421 // JVNDB: JVNDB-2008-001998 // NVD: CVE-2008-4296

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200809-394

TYPE

trust management

Trust: 0.6

sources: CNNVD: CNNVD-200809-394

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-001998

PATCH

title:

Top Page

url:

http://www.cisco.com/

Trust: 0.8

sources: JVNDB: JVNDB-2008-001998

EXTERNAL IDS

db:	NVD	id:	CVE-2008-4296	Trust: 2.8
db:	SREASON	id:	4319	Trust: 2.0
db:	XF	id:	45588	Trust: 0.9
db:	JVNDB	id:	JVNDB-2008-001998	Trust: 0.8
db:	BUGTRAQ	id:	20080926 LINKSYS/CISCO WRT350N 1.0.3.7 INSECURE SAMBA STATIC CONFIGURATION	Trust: 0.6
db:	CNNVD	id:	CNNVD-200809-394	Trust: 0.6
db:	BID	id:	84819	Trust: 0.4
db:	VULHUB	id:	VHN-34421	Trust: 0.1

sources: VULHUB: VHN-34421 // BID: 84819 // JVNDB: JVNDB-2008-001998 // CNNVD: CNNVD-200809-394 // NVD: CVE-2008-4296

REFERENCES

url:	http://securityreason.com/securityalert/4319	Trust: 2.0
url:	http://www.securityfocus.com/archive/1/496756/100/0/threaded	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/45588	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/45588	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/496756/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4296	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4296	Trust: 0.8

sources: VULHUB: VHN-34421 // BID: 84819 // JVNDB: JVNDB-2008-001998 // CNNVD: CNNVD-200809-394 // NVD: CVE-2008-4296

CREDITS

Unknown

Trust: 0.3

sources: BID: 84819

SOURCES

db:	VULHUB	id:	VHN-34421
db:	BID	id:	84819
db:	JVNDB	id:	JVNDB-2008-001998
db:	CNNVD	id:	CNNVD-200809-394
db:	NVD	id:	CVE-2008-4296

LAST UPDATE DATE

2025-04-10T23:23:33.224000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-34421	date:	2018-10-11T00:00:00
db:	BID	id:	84819	date:	2008-09-27T00:00:00
db:	JVNDB	id:	JVNDB-2008-001998	date:	2008-12-19T00:00:00
db:	CNNVD	id:	CNNVD-200809-394	date:	2009-01-29T00:00:00
db:	NVD	id:	CVE-2008-4296	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-34421	date:	2008-09-27T00:00:00
db:	BID	id:	84819	date:	2008-09-27T00:00:00
db:	JVNDB	id:	JVNDB-2008-001998	date:	2008-12-19T00:00:00
db:	CNNVD	id:	CNNVD-200809-394	date:	2008-09-27T00:00:00
db:	NVD	id:	CVE-2008-4296	date:	2008-09-27T10:30:03.617