|
Description
|
|
Multiple vulnerabilities have been identified in Linkys WVC54GCA, which could be exploited by attackers to gain knowledge of sensitive information or compromise a vulnerable device.
The first issue is caused due to the device sending the administrative password in plain-text, which could allow attackers to compromise an affected device.
The second vulnerability is caused by an error in the "main.cgi" script when processing the "next_file" parameter, which could be exploited by attackers to retrieve the ".htpasswd" file and gain knowledge of administrative credentials.
The third issue is caused by input validation errors in the "adm/file.cgi" script when processing the "next_file" and "this_file" parameters, which could be exploited to disclose the contents of arbitrary files within a vulnerable device.
The fourth issue is caused due to the "pass_wd.htm" and "Wsecurity.htm" pages containing the administrative password and the WEP/WPA/WPA2 encryption key in the HTML source code, which could be exploited to compromise a vulnerable device or network.
The fifth vulnerability is caused by input validation errors in the "main.cgi", "img/main.cgi" and "adm/file.cgi" scripts when processing the "next_file" and "this_file" parameters, which could be exploited to conduct cross site scripting attacks.
|
