Vulnerability Description
Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related to PPPoE authentication.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Logitech | Lan-W300N\/Ru2 Firmware | < 2.27 |
| Logitech | Lan-W300N\/R | - |
| Logitech | Lan-W300N\/Rs | - |
| Logitech | Lan-W300N\/Ru2 | - |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN85934986/index.htmlThird Party Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000051Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/49289Broken Link
- http://www.logitec.co.jp/info/2012/0516.htmlVendor Advisory
- http://www.securityfocus.com/bid/53685Third Party AdvisoryVDB Entry
- http://jvn.jp/en/jp/JVN85934986/index.htmlThird Party Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000051Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/49289Broken Link
- http://www.logitec.co.jp/info/2012/0516.htmlVendor Advisory
- http://www.securityfocus.com/bid/53685Third Party AdvisoryVDB Entry
FAQ
What is CVE-2012-1250?
CVE-2012-1250 is a vulnerability with a CVSS score of 10.0 (HIGH). Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related t...
How severe is CVE-2012-1250?
CVE-2012-1250 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1250?
Check the references section above for vendor advisories and patch information. Affected products include: Logitech Lan-W300N\/Ru2 Firmware, Logitech Lan-W300N\/R, Logitech Lan-W300N\/Rs, Logitech Lan-W300N\/Ru2.