CVE-2002-2159

3 documents3 sources

Severity

10.0CRITICAL

EPSS

1.1%

top 21.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linksys Befsr11 Linksys Befsr41 Linksys Befsru31

Timeline

PublishedDec 31

Latest updateApr 30

Description

Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDlinksys/befsr111.42.7

▶NVDlinksys/befsr411.42.7

▶NVDlinksys/befsru311.42.7

🔴Vulnerability Details

GHSA

GHSA-367w-87rf-wcf4: Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1↗2022-04-30

▶

CVEList

CVE-2002-2159: Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1↗2005-11-16

▶