belkin f5d7230-4 Security Vulnerabilities

3 Vulnerabilities

Description
cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. NOTE: it was later reported that F5D7632-4V6 with firmware 6.01.08 is also affected. Impacted versions: * Base Score: 10.0, Severity: HIGH, ID: CVE-2008-1244, Last Modified: 2018-10-11T20:31:00Z References Exploit Exploit Modemly Security Checklist Belkin-F5D7230-4-router-setup
cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header. Impacted versions: * Base Score: 7.8, Severity: HIGH, ID: CVE-2008-1245, Last Modified: 2018-10-11T20:31:00Z References Exploit Modemly Security Checklist Belkin-F5D7230-4-router-setup
Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication. Impacted versions: 4.3.3, 4.5.3 Base Score: 5.1, Severity: MEDIUM, ID: CVE-2005-3802, Last Modified: 2017-07-12T01:29:00Z References Vendor Advisory Modemly Security Checklist Belkin-F5D7230-4-router-setup

Description

cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. NOTE: it was later reported that F5D7632-4V6 with firmware 6.01.08 is also affected.

Impacted versions: *

Base Score: 10.0, Severity: HIGH, ID: CVE-2008-1244, Last Modified: 2018-10-11T20:31:00Z

References

Exploit Exploit

Modemly Security Checklist

Belkin-F5D7230-4-router-setup

cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header.

Impacted versions: *

Base Score: 7.8, Severity: HIGH, ID: CVE-2008-1245, Last Modified: 2018-10-11T20:31:00Z

References

Exploit

Modemly Security Checklist

Belkin-F5D7230-4-router-setup

Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication.

Impacted versions: 4.3.3, 4.5.3

Base Score: 5.1, Severity: MEDIUM, ID: CVE-2005-3802, Last Modified: 2017-07-12T01:29:00Z

References

Vendor Advisory

Modemly Security Checklist

Belkin-F5D7230-4-router-setup

USAGE: Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.