Description
LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm.
Affected products
- linksys / befsr411.35 – 1.35
- linksys / befsr411.36 – 1.36
- linksys / befsr411.37 – 1.37
- linksys / befsr411.38.5 – 1.38.5
References
- MISChttp://www.securityfocus.com/archive/1/201390
- MISChttp://www.securityfocus.com/bid/3141
- MISChttp://www.osvdb.org/5467
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/6949
- MISChttp://www.osvdb.org/1920
- MISChttp://www.securityfocus.com/archive/1/203302
- MISCftp://ftp.linksys.com/pub/befsr41/befsr-fw1402.zip
Updated 15m ago · 2 sources