10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.003 Low
EPSS
Percentile
69.5%
The Linksys WVC54GC wireless video camera insecurely sends initial configuration information over the network, which can allow a remote, unauthenticated attacker to intercept video streams, access wireless network authentication credentials, modify the device firmware, or cause a denial-of-service to the video camera.
The Linksys WVC54GC wireless video camera uses 916/udp
for remote management commands. When a certain packet is delivered to that port, the device responds with a packet that contains the majority of the deviceโs configuration. This packet includes details such as username, password, wireless ssid, WEP key, WEP password, WPA key, and DNS server. This packet is sent over the network unencrypted, which can allow an attacker to obtain these details.
By delivering a specially crafted packet to 916/udp
of an affected device, a remote, unauthenticated attacker may be able to obtain information to intercept video streams, access wireless network authentication credentials, modify the device firmware, or cause a denial-of-service to the video camera.
Apply an update
This vulnerability is addressed in WVC54GC firmware version 1.25. Please see the release notes for more details.
528993
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: August 15, 2008 Updated: December 05, 2008
Affected
Vulnerability 1: Remote Sensitive Information Disclosure
Description: Data under โsetup wizardโ communication are not encrypted.
Camera settings will be visible by using packet capture tools.
Solution: 2300 and 210 have encrypted data and have no such issue. To decode the data, an administrator username/password is a MUST.
The vendor has not provided us with any further information regarding this vulnerability.
This vulnerability is addressed in WVC54GC firmware version 1.25. Please see the release notes for more details.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23528993 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to Andre Protas of eEye for reporting this vulnerability, who in turn also credits Greg Linares of eEye.
This document was written by Will Dormann.
CVE IDs: | CVE-2008-4390 |
---|---|
Severity Metric: | 1.59 Date Public: |
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.003 Low
EPSS
Percentile
69.5%