ID

VAR-200909-0578


TITLE

Linksys WRT54GC Router HTTP Request Cross-Site Request Forgery Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2009-5256

DESCRIPTION

The Linksys WRT54GC is a small wireless router from Cisco. The diagnostics.cgi script of the WRT54GC router fails to properly validate HTTP requests submitted by the user. A remote attacker could inject arbitrary script code or cause a denial of service by including malicious ping_address and traceroute_address parameters in the request. Other attacks are also possible. This issue affects Linksys WRT54GC running firmware 1.01.5 and 1.00.7.

----------------------------------------------------------------------
TITLE: Linksys WRT54GC Cross-Site Request Forgery Vulnerability

SECUNIA ADVISORY ID: SA36921

VERIFY ADVISORY: http://secunia.com/advisories/36921/

DESCRIPTION: VenturoLab Team has reported a vulnerability in Linksys WRT54GC, which can be exploited by malicious people to conduct cross-site request forgery attacks. The diagnostics.cgi script allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. The vulnerability is reported in firmware version 1.01.5 and 1.00.7. Other versions may also be affected.

SOLUTION: Do not visit other websites while being logged in to the Linksys administration interface.

PROVIDED AND/OR DISCOVERED BY: VenturoLab Team

ORIGINAL ADVISORY: http://venturolab.pl/index.php/2009/09/30/opis-bledu-w-routerze-linksys-wrt54gc/
----------------------------------------------------------------------
About: This advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions (Criticality, Where etc.): http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
----------------------------------------------------------------------

Trust: 0.9

sources: CNVD: CNVD-2009-5256 // BID: 36599 // PACKETSTORM: 81832

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2009-5256

AFFECTED PRODUCTS

vendor: cisco, model: wrt54gc, scope: eq, version: 1.1.5

Trust: 0.6

vendor: cisco, model: wrt54gc, scope: eq, version: 1.0.7

Trust: 0.6

vendor: linksys, model: wrt54gc, scope: eq, version: 1.1.5

Trust: 0.3

vendor: linksys, model: wrt54gc, scope: eq, version: 1.0.7

Trust: 0.3

sources: CNVD: CNVD-2009-5256 // BID: 36599

CVSS

SEVERITY

CNVD: CNVD-2009-5256
value: MEDIUM

Trust: 0.6

CVSSV2

CNVD: CNVD-2009-5256
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CVSSV3

sources: CNVD: CNVD-2009-5256

THREAT TYPE

network

Trust: 0.3

sources: BID: 36599

TYPE

Design Error

Trust: 0.3

sources: BID: 36599

EXTERNAL IDS

db: BID, id: 36599

Trust: 0.9

db: SECUNIA, id: 36921

Trust: 0.7

db: CNVD, id: CNVD-2009-5256

Trust: 0.6

db: PACKETSTORM, id: 81832

Trust: 0.1

sources: CNVD: CNVD-2009-5256 // BID: 36599 // PACKETSTORM: 81832

REFERENCES

url: http://secunia.com/advisories/36921/

Trust: 0.7

url: http://venturolab.pl/index.php/2009/09/30/opis-bledu-w-routerze-linksys-wrt54gc/

Trust: 0.4

url: http://www.linksys.com/

Trust: 0.3

url: http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url: http://secunia.com/advisories/business_solutions/

Trust: 0.1

url: http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url: http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2009-5256 // BID: 36599 // PACKETSTORM: 81832

CREDITS

VenturoLab

Trust: 0.3

sources: BID: 36599

SOURCES

db: CNVD, id: CNVD-2009-5256
db: BID, id: 36599
db: PACKETSTORM, id: 81832

LAST UPDATE DATE

2022-05-17T22:40:16.975000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2009-5256, date: 2014-02-11T00:00:00
db: BID, id: 36599, date: 2009-10-06T18:19:00

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2009-5256, date: 2009-09-30T00:00:00
db: BID, id: 36599, date: 2009-09-30T00:00:00
db: PACKETSTORM, id: 81832, date: 2009-10-06T15:00:36