cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header.
Max CVSS
7.8
EPSS Score
1.30%
Published
2008-03-10
Updated
2018-10-11
cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. NOTE: it was later reported that F5D7632-4V6 with firmware 6.01.08 is also affected.
Max CVSS
10.0
EPSS Score
1.95%
Published
2008-03-10
Updated
2018-10-11
The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously authenticated user, a different vulnerability than CVE-2005-3802.
Max CVSS
10.0
EPSS Score
0.83%
Published
2008-03-10
Updated
2018-10-11
The Belkin F5D7230-4 Wireless G Router allows remote attackers to cause a denial of service (degraded networking and logging) via a flood of TCP SYN packets, a related issue to CVE-1999-0116.
Max CVSS
5.0
EPSS Score
0.92%
Published
2007-11-20
Updated
2018-10-15
Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication.
Max CVSS
5.1
EPSS Score
2.23%
Published
2005-11-24
Updated
2017-07-12
5 vulnerabilities found