Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2799

5 documents4 sources
Severity
7.5HIGH
EPSS
86.7%
top 0.58%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Linksys Wrt54g
Timeline
PublishedSep 15
Latest updateMay 1

Description

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDlinksys/wrt54g3.01.3, 3.03.6+1

Patches

Patch: www.idefense.comPatch: www.idefense.com

🔴Vulnerability Details

2
GHSA
GHSA-x63p-6jfx-42c9: Buffer overflow in apply2022-05-01
CVEList
CVE-2005-2799: Buffer overflow in apply2005-09-15

💥Exploits & PoCs

2
Exploit-DB
Linksys WRT54 Access Point - 'apply.cgi' Remote Buffer Overflow (Metasploit)2010-09-24
Exploit-DB
Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Remote Buffer Overflow (Metasploit)2005-09-13
CVE-2005-2799 (HIGH CVSS 7.5) | Buffer overflow in apply.cgi in Lin | cvebase.io