CVE-2008-2636

Name of the Vulnerable Software and Affected Versions Cisco Linksys WRH54G version 1.01.03

Description The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via a specific URI. This URI begins with a "/./" sequence, contains many instances of a "front page" sequence, and ends with a ".asp" sequence.

Recommendations For Cisco Linksys WRH54G version 1.01.03, consider restricting access to the HTTP service until a fix is available. As a temporary workaround, avoid using URIs that begin with a "/./" sequence and contain many instances of a "front page" sequence to minimize the risk of exploitation.