CVE-2008-1263

{"id": "CVE-2008-1263", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-03-10T17:44:00.000", "references": [{"url": "http://www.gnucitizen.org/projects/router-hacking-challenge/", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41115", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI."}, {"lang": "es", "value": "El router Linksys WRT54G almacena contrase\u00f1as y claves en texto llano en el fichero Config.bin, lo cual permite a usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de una petici\u00f3n HTTP de la URI de nivel superior Config.bin."}], "lastModified": "2018-10-11T20:31:24.230", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:wrt54g:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBBECE9D-7805-4521-A0B1-15F2755312B8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}