Search Results (235 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1243 1 Linksys 1 Wrt300n 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.
CVE-2007-6709 1 Linksys 1 Wag54gs 2026-04-23 N/A
The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access.
CVE-2006-6411 1 Linksys 1 Wip 330 Wireless-g Ip Phone 2026-04-23 N/A
PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows remote attackers to cause a denial of service (crash) via a TCP SYN scan, as demonstrated using TCP ports 1-65535 with nmap.
CVE-2008-2092 1 Linksys 1 Spa-2102 Phone Adapter 2026-04-23 N/A
Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.
CVE-2008-1263 1 Linksys 1 Wrt54g 2026-04-23 N/A
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
CVE-2008-1264 1 Linksys 1 Wrt54g 2026-04-23 N/A
The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.
CVE-2026-27848 1 Linksys 2 Mr9600, Mx4200 2026-04-18 9.8 Critical
Due to missing neutralization of special elements, OS commands can be injected via the handshake of a TLS-SRP connection, which are ultimately run as the root user. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
CVE-2026-27850 1 Linksys 2 Mr9600, Mx4200 2026-04-18 7.5 High
Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
CVE-2026-25603 1 Linksys 4 Mr9600, Mr9600 Firmware, Mx4200 and 1 more 2026-04-17 6.6 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
CVE-2026-27846 1 Linksys 2 Mr9600, Mx4200 2026-04-17 6.2 Medium
Due to missing authentication, a user with physical access to the device can misuse the mesh functionality for adding a new mesh device to the network  to gain access to sensitive information, including the password for admin access to the web interface and the Wi-Fi passwords.This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
CVE-2026-27847 1 Linksys 2 Mr9600, Mx4200 2026-04-17 9.8 Critical
Due to improper neutralization of special elements, SQL statements can be injected via the handshake of a TLS-SRP connection. This can be used to inject known credentials into the database that can be utilized to successfully complete the handshake and use the protected service. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
CVE-2026-27849 1 Linksys 2 Mr9600, Mx4200 2026-04-17 9.8 Critical
Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
CVE-2003-1497 1 Linksys 1 Befsx41 2026-04-16 N/A
Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable.
CVE-2006-1973 1 Linksys 1 Rt31p2 2026-04-16 N/A
Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages.
CVE-2004-0580 1 Linksys 12 Befcmu10, Befn2ps4, Befsr11 and 9 more 2026-04-16 N/A
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
CVE-2004-2606 1 Linksys 2 Befsr41 V3, Wrt54g 2026-04-16 N/A
The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.
CVE-2004-0312 1 Linksys 1 Wap55ag 2026-04-16 N/A
Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2.
CVE-2005-2912 1 Linksys 1 Wrt54g 2026-04-16 N/A
Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value.
CVE-2005-2916 1 Linksys 1 Wrt54g 2026-04-16 N/A
Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.
CVE-2002-1312 1 Linksys 9 Befn2ps4, Befsr11, Befsr41 and 6 more 2026-04-16 N/A
Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.