The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has admin as its default password for the admin account, which makes it easier for remote attackers to obtain access.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Wag54gs | Linksys | * | firmware_1.01.03 (including) |
References
- http://osvdb.org/43536
- http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs/
- http://www.gnucitizen.org/projects/router-hacking-challenge/
- http://www.securityfocus.com/archive/1/489009/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41268
- http://osvdb.org/43536
- http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs/
- http://www.gnucitizen.org/projects/router-hacking-challenge/
- http://www.securityfocus.com/archive/1/489009/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41268