HTTP: Cisco Linksys WRT54G apply.cgi POST Request Overflow
This signature detects attempts to exploit a known vulnerability against the linksys apply.cgi. A successful attack can lead to arbitrary remote code execution.
Extended Description
Multiple vulnerabilities have been identified in Linksys WRT54G routers. These issue all require that an attacker have access to either the wireless, or internal LAN network segments of the affected device. Exploitation from the WAN interface is only possible if the affected device has remote management enabled. This issue allows attackers to: - Download and replace the configuration of affected routers. - Execute arbitrary machine code in the context of the affected device. - Utilize HTTP POST requests to upload router configuration and firmware files without proper authentication - Degrade the performance of affected devices and cause the Web server to become unresponsive, potentially denying service to legitimate users.
Affected Products
Linksys wpc300n-wireless-n_notebook_adapter
Short Name
HTTP:OVERFLOW:LINKSYS-APPLY
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-2799 Cisco Linksys Overflow POST Request WRT54G apply.cgi bid:14822
Release Date
06/04/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Linksys
CVSS Score
7.5