linksys befsr11 Security Vulnerabilities

3 Vulnerabilities

DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.

Impacted versions: 1.43, 1.44, 1.40.2, 1.42.7, 1.41, 1.43.3, 1.42.3

Base Score: 5.0, Severity: MEDIUM, ID: CVE-2004-0580, Last Modified: 2018-08-13T21:47:00Z


Broken Link Exploit Exploit

Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access.

Impacted versions: 1.42.7

Base Score: 10.0, Severity: HIGH, ID: CVE-2002-2159, Last Modified: 2017-07-12T01:29:00Z


Vendor Advisory

Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.

Impacted versions: 1.42.7, 1.43

Base Score: 5.0, Severity: MEDIUM, ID: CVE-2002-1312, Last Modified: 2017-07-11T01:29:00Z


Free Home-Networking Courses, tutorials and security checklists

USAGE: Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.