PT-2008-2035 · Belkin · Belkin Wireless G Plus Mimo Router F5D9230-4

Darkfig

Publicado

2008-01-23

Atualizado

2018-10-15

CVE-2008-0403

CVSS v2.0

5.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Belkin Wireless G Plus MIMO Router F5D9230-4

Description The issue concerns the web server in the Belkin Wireless G Plus MIMO Router F5D9230-4, which does not require authentication for the "SaveCfgFile.cgi" endpoint. This allows remote attackers to read and modify the configuration by making a direct request to the "SaveCfgFile.cgi" endpoint.

Recommendations For Belkin Wireless G Plus MIMO Router F5D9230-4, consider restricting access to the "SaveCfgFile.cgi" endpoint until a patch is available. As a temporary workaround, limit remote access to the router's web interface to minimize the risk of exploitation.

Exploit

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2008-0403

Produtos afetados

Belkin Wireless G Plus Mimo Router F5D9230-4

PT-2008-2035 · Belkin · Belkin Wireless G Plus Mimo Router F5D9230-4

CVE-2008-0403

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8