| tiêu đề | Linksys WRT54GL Wireless-G WiFi Router v4.30.18 Incorrect Access Control |
|---|
| Mô tả | # Info Leak in Linksys-WRT54GL Router
## Overview
* Type: Information leak
* Supplier: Linksys
* Product: WRT54GL Wireless-G WiFi Router
* Affect version: (lastest) v4.30.18
* Firmware download: https://downloads.linksys.com/downloads/firmware/FW_WRT54GL_4.30.18.006_US_20160108.bin
## Description
An information leaking vulnerability is at the web management interface of the affected routers. Without any permission, an attacker can get sensitive information such as 'NetworkMode', 'channel' from the victim URL.
The victim URL is a hidden interface and isn't been protected by authentication.
## Business Impact
The leaked information is sensitive and could result in serious damage. Thus the vulnerability is very dangerous which could also result in reputational damage for the business through the impact on customers' trust.
## Steps to Reproduce
Visit the victim URL from the web, such sensitive information as 'NetworkMode', 'channel', and some configurations are exposed.
|
|---|
| Nguồn | ⚠️ https://github.com/leetsun/Hints/tree/main/linksys-wrt54gl/2 |
|---|
| Người dùng | leetsun (UID 39457) |
|---|
| Đệ trình | 01/02/2024 05:50 (cách đây 2 những năm) |
|---|
| Kiểm duyệt | 09/02/2024 17:13 (8 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 253329 [Linksys WRT54GL 4.30.18 Web Management Interface /wlaninfo.htm tiết lộ thông tin] |
|---|
| điểm | 20 |
|---|