Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2606

Description

The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.

Affected products

Linksys/Befsr41 V3
cpe:2.3:h:linksys:befsr41_v3:*:*:*:*:*:*:*:*
Linksys/Wrt54g
cpe:2.3:h:linksys:wrt54g:2.02.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ftp.linksys.com/pub/network/wrt54g_2.02.8_US_code_beta.zipnvdPatch
secunia.com/advisories/11754nvdPatchVendor Advisory
web.archive.org/web/20040823075750/http://www.linksys.com/download/firmware.aspnvdPatch
www.securityfocus.com/bid/10441nvdPatch
archives.neohapsis.com/archives/bugtraq/2004-05/0316.htmlnvd
archives.neohapsis.com/archives/bugtraq/2004-06/0002.htmlnvd
archives.neohapsis.com/archives/bugtraq/2004-06/0020.htmlnvd
archives.neohapsis.com/archives/bugtraq/2004-06/0190.htmlnvd
www.nwfusion.com/news/2004/0607confuse.htmlnvd
www.osvdb.org/6577nvd
www.securityfocus.com/archive/1/365175nvd
www.securityfocus.com/archive/1/365227/30/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/16274nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000