CVE-2008-1263 : The Linksys WRT54G router stores passwords and keys in cleartext in the Config.b

The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.

Published 2008-03-10 17:44:00

Updated 2018-10-11 20:31:24

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2008-1263

Linksys » Wrt54g
cpe:2.3:h:linksys:wrt54g:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2008-1263

EPSS FAQ

0.12%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 47 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-1263

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.0	MEDIUM	AV:N/AC:L/Au:S/C:P/I:N/A:N	8.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2008-1263

CWE-310

Assigned by: nvd@nist.gov (Primary)

References for CVE-2008-1263

http://www.securityfocus.com/archive/1/489009/100/0/threaded

CVEs referencing this url
http://www.gnucitizen.org/projects/router-hacking-challenge/

Page not found · GitHub Pages
Exploit

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/41115

Jump to

Vulnerability Details : CVE-2008-1263

Products affected by CVE-2008-1263

Exploit prediction scoring system (EPSS) score for CVE-2008-1263

CVSS scores for CVE-2008-1263

CWE ids for CVE-2008-1263

References for CVE-2008-1263