Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1236

4 documents4 sources
Severity
5.0MEDIUM
EPSS
5.2%
top 10.08%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Linksys Befsr41
Timeline
PublishedNov 12
Latest updateApr 30

Description

The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDlinksys/befsr414 versions+3

Patches

Patch: www.idefense.comPatch: www.idefense.com

🔴Vulnerability Details

2
GHSA
GHSA-46p7-9x6f-9v2j: The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 12022-04-30
CVEList
CVE-2002-1236: The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 12004-09-01

💥Exploits & PoCs

1
Exploit-DB
Linksys BEFSR41 1.4x - 'Gozila.cgi' Denial of Service2002-11-01
CVE-2002-1236 (MEDIUM CVSS 5) | The remote management web server fo | cvebase.io