Passed to the Internet Storm Center from Jim.
Linksys wireless access point(WAP610N) hasan unauthenticated root console issue
Taken from the actual advisory
*** SUMMARY ***
Linksys WAP610N is a SOHO wireless access point supporting 802.11n draft.
Unauthenticated remote textual administration console has been found that allow an attacker to run system command as root user.
Full details can be found here: http://www.securenetwork.it/ricerca/advisory/download/SN-2010-08.txt
This issue was also posted to the Full Disclosure mailing list http://seclists.org/fulldisclosure/2011/Feb/228
Chris Mohan — ISC Handler on Duty
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
Related Posts
- Trojanized Apps Root Android Devices
Mobile threats are reaching new heights today, and the Android platform becoming a favorite of attackers. Google made the Android platform “open” as possible and released application development docum... - Happy 10th Birthday, Anna!
Every time I think about the Anna Kournikova virus, which today turns 10 years old, I think about David Perry and his famous story about one particular support call we received regarding a system infe... - Befriending Windows Security Log Events, (Thu, Feb 10th)
When a call starts off with I think we've had an incident or something isn't right actual proof of an event or incident has really occurred is a must*.If it's some odd happening on Windows, then it's... - From XSS to root: Lessons Learned From a Security Breach
In an excellent blog, the people from Apache did a very good job analyzing and documenting how a security breach happened–going through all the stages of the attack and drawing conclusions. Shou... - Java Floating point issue (CVE-2010-4476), (Wed, Feb 9th)
Oracle release a security bulletin yesterday relating to the binary floating point issue when converting2.2250738585072012e-308 to a binary floating-point number. (http://www.oracle.com/technetwork/to... - Java Floating point issue (CVE-2010-4476), (Wed, Feb 9th)
Oracle release a security bulletin yesterday relating to the binary floating point issue when converting2.2250738585072012e-308 to a binary floating-point number. (http://www.oracle.com/technetwork/to... - Microsoft to Issue a Dozen Updates Next Week to Windows, Visio
Next Tuesday, February 8, 2011, Microsoft will release 12 security bulletins and software updates to fix the 22 vulnerabilities described in the bulletins. 3 of the updates have a maximum rat... - Hackers issue bogus Amber Alert
Iowa's Amber Alert website was hacked and used to send out a bogus alert over the weekend. - on Computerworld Security News... - Adobe to Issue Acrobat and Reader Fixes Next Week
Adobe has issued a prenotification security advisory to say that next Tuesday, November 16, they will release security updates for Adobe Reader and Acrobat 9.x.
On that day they will releas... - Microsoft to Issue 3 Updates Next Week
Microsoft's Advance Notification Bulletin for November, 2010 is out. A total of 3 updates will be released, none of which are for Microsoft Windows.
The one critical update will be for Micro...
Posted on 10 February 2011. Tags: 10th, Console, Issue, Linksys, root, Unauthenticated, WAP610N
