Vulnerability Description
Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linksys | Befsr11 | 1.42.7 |
| Linksys | Befsr41 | 1.42.7 |
| Linksys | Befsru31 | 1.42.7 |
References
- http://www.iss.net/security_center/static/9330.php
- http://www.securiteam.com/securitynews/5OP022K7GE.htmlVendor Advisory
- http://www.securityfocus.com/bid/4987
- http://www.iss.net/security_center/static/9330.php
- http://www.securiteam.com/securitynews/5OP022K7GE.htmlVendor Advisory
- http://www.securityfocus.com/bid/4987
FAQ
What is CVE-2002-2159?
CVE-2002-2159 is a vulnerability with a CVSS score of 10.0 (HIGH). Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options ...
How severe is CVE-2002-2159?
CVE-2002-2159 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2159?
Check the references section above for vendor advisories and patch information. Affected products include: Linksys Befsr11, Linksys Befsr41, Linksys Befsru31.