Linksys Wrt54Gl Firmware vulnerabilities

CVE-2024-1405 [MEDIUM] CWE-200 CVE-2024-1405: A vulnerability was found in Linksys WRT54GL 4.30.18. It has been classified as problematic. This af A vulnerability was found in Linksys WRT54GL 4.30.18. It has been classified as problematic. This affects an unknown part of the file /wlaninfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier VDB-253329 was assigned to this vul

CVE-2024-1406 [MEDIUM] CWE-200 CVE-2024-1406: A vulnerability was found in Linksys WRT54GL 4.30.18. It has been declared as problematic. This vuln A vulnerability was found in Linksys WRT54GL 4.30.18. It has been declared as problematic. This vulnerability affects unknown code of the file /SysInfo1.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. VDB-253330 is the identifier assigned to

CVE-2024-1404 [HIGH] CWE-200 CVE-2024-1404: A vulnerability was found in Linksys WRT54GL 4.30.18 and classified as problematic. Affected by this A vulnerability was found in Linksys WRT54GL 4.30.18 and classified as problematic. Affected by this issue is some unknown functionality of the file /SysInfo.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability i

CVE-2023-31742 [HIGH] CWE-77 CVE-2023-31742: There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30. There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges.

CVE-2022-43970 [HIGH] CWE-120 CVE-2022-43970: A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerabli

CVE-2022-43972 [HIGH] CWE-476 CVE-2022-43972: A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action.

CVE-2022-43973 [HIGH] CWE-78 CVE-2022-43973: An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router wit An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a