PT-2002-2873 · Linksys · Linksys Etherfast Cable/Dsl

Publicado

2002-12-31

Atualizado

2017-07-12

CVE-2002-2159

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linksys EtherFast Cable/DSL versions BEFSR11, BEFSR41, and BEFSRU31 with firmware 1.42.7

Description: The issue allows remote attackers to gain access to the device by opening TCP port 5678 for remote administration, even when the "Block WAN" and "Remote Admin" options are disabled.

Recommendations: For Linksys EtherFast Cable/DSL versions BEFSR11, BEFSR41, and BEFSRU31 with firmware 1.42.7, consider disabling remote administration as a temporary workaround until a patch is available. Restrict access to TCP port 5678 to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-2159

Produtos afetados

Linksys Etherfast Cable/Dsl

PT-2002-2873 · Linksys · Linksys Etherfast Cable/Dsl

CVE-2002-2159

Identificadores relacionados

Produtos afetados

Referências · 4