CVE-2005-2915

3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.2%
top 59.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Linksys Wrt54g
Timeline
PublishedSep 14
Latest updateMay 1

Description

ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDlinksys/wrt54g2.04.4_non_default, 3.01.3, 3.03.6+2

🔴Vulnerability Details

2
GHSA
GHSA-hwhx-rgrv-3pxv: ezconfig2022-05-01
CVEList
CVE-2005-2915: ezconfig2005-09-14
CVE-2005-2915 (MEDIUM CVSS 5) | ezconfig.asp in Linksys WRT54G rout | cvebase.io