Description
ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914.
References (1)
Core 1
Core References
Various Sources third-party-advisory
x_refsource_idefense
http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities
Scores
EPSS
0.0018
EPSS Percentile
39.8%
Details
Status
published
Products (3)
linksys/wrt54g
2.04.4_non_default
linksys/wrt54g
3.01.3
linksys/wrt54g
3.03.6
Published
Sep 14, 2005
Tracked Since
Feb 18, 2026