PT-2009-4049 · Cisco · Linksys Wvc54Gca

Pagvac

Published

2009-05-06

Updated

2009-05-23

CVE-2009-1555

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Cisco Linksys WVC54GCA wireless video camera version 1.00R22 Cisco Linksys WVC54GCA wireless video camera version 1.00R24

Description: The issue allows remote attackers to obtain sensitive information, such as passwords, by reading the process memory of the SetupWizard.exe. This is related to the way the camera sends configuration data in response to a remote-management command from the Setup Wizard.

Recommendations: For version 1.00R22, update the firmware to a version that addresses this issue. For version 1.00R24, update the firmware to a version that addresses this issue. As a temporary workaround, consider restricting access to the Setup Wizard remote-management command until a patch is available.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2009-1555

Affected Products

Linksys Wvc54Gca

PT-2009-4049 · Cisco · Linksys Wvc54Gca

CVE-2009-1555

Weakness Enumeration

Related Identifiers

Affected Products

References · 5