Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1250

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-1250
Last Modified 03 Jan 2013 11:36:51
Published 04 Jun 2012 01:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-1250

Summary

Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related to PPPoE authentication.

Vulnerable Systems

Application

  • Logitec Lan-w300n%2fr Firmware 1.17

  • Logitec Lan-w300n%2fr Firmware 1.18

  • Logitec Lan-w300n%2fr Firmware 2.10a

  • Logitec Lan-w300n%2fr Firmware 2.17

  • Logitec Lan-w300n%2frs Firmware 1.17

  • Logitec Lan-w300n%2frs Firmware 1.18

  • Logitec Lan-w300n%2frs Firmware 2.10a

  • Logitec Lan-w300n%2frs Firmware 2.17

  • Logitec Lan-w300n%2fru2 Firmware 1.17

  • Logitec Lan-w300n%2fru2 Firmware 1.18

  • Logitec Lan-w300n%2fru2 Firmware 2.10a

  • Logitec Lan-w300n%2fru2 Firmware 2.17


References

CONFIRM - http://www.logitec.co.jp/info/2012/0516.html

JVNDB - JVNDB-2012-000051

JVN - JVN#85934986

BID - 53685

SECUNIA - 49289


Last Updated: 27 May 2016 10:49:36