CVE-2004-2606

{"id": "CVE-2004-2606", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"url": "ftp://ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_beta.zip", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2004-05/0316.html", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0002.html", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0020.html", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0190.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/11754", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.asp?fwid=201", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.nwfusion.com/news/2004/0607confuse.html", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/6577", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/365175", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/365227/30/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/10441", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16274", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled."}], "lastModified": "2017-07-11T01:32:03.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:befsr41_v3:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F40051A-D45C-4121-ACC8-08EE711B3256"}, {"criteria": "cpe:2.3:h:linksys:wrt54g:2.02.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BD5B2C5-E393-45E4-B847-4CFF7DA972B2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}