CVE-2008-7115

Belkin F5d7632-4 - Access Control

Title source: rule

Description

The web interface to the Belkin Wireless G router and ADSL2 modem F5D7632-4V6 with firmware 6.01.08 allows remote attackers to bypass authentication and gain administrator privileges via a direct request to (1) statusprocess.exe, (2) system_all.exe, or (3) restore.exe in cgi-bin/. NOTE: the setup_dns.exe vector is already covered by CVE-2008-1244.

Exploits (1)

exploitdb WORKING POC VERIFIED

by noensr · htmlremotehardware

https://www.exploit-db.com/exploits/6305

View Code ZIP pw:eip

References (4)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6305

[Vendor Advisory] http://secunia.com/advisories/31665

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/44874

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1020747

Scores

EPSS 0.0629

EPSS Percentile 91.0%

Details

CWE

CWE-264

Status published

Products (2)

belkin/f5d7632-4 6.01.08

belkin/wireless_g_router

Published Aug 28, 2009

Tracked Since Feb 18, 2026