CVE-2008-4390
Severity CVSS v4.0:
Pending analysis
Type:
CWE-319
Cleartext Transmission of Sensitive Information
Publication date:
09/12/2008
Last modified:
09/04/2025
Description
The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by sniffing the network.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:linksys_wvc54gc_firmware:*:*:*:*:*:*:*:* | 1.25 (excluding) | |
| cpe:2.3:h:cisco:linksys_wvc54gc:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/33032
- http://www.kb.cert.org/vuls/id/528993
- http://www.kb.cert.org/vuls/id/MAPG-7HJKSA
- http://www.linksys.com/servlet/Satellite?blobcol=urldata&blobheadername1=Content-Type&blobheadername2=Content-Disposition&blobheadervalue1=text/plain&blobheadervalue2=inline%3B%20filename%3DWVC54GC-V1.0_non-RoHS-v1.25_fw_ver.txt&blobkey=id&blobtable=MungoBlobs&blobwhere=1193776031728&ssbinary=true&lid=8104724130B17
- http://www.securityfocus.com/bid/32666
- http://secunia.com/advisories/33032
- http://www.kb.cert.org/vuls/id/528993
- http://www.kb.cert.org/vuls/id/MAPG-7HJKSA
- http://www.linksys.com/servlet/Satellite?blobcol=urldata&blobheadername1=Content-Type&blobheadername2=Content-Disposition&blobheadervalue1=text/plain&blobheadervalue2=inline%3B%20filename%3DWVC54GC-V1.0_non-RoHS-v1.25_fw_ver.txt&blobkey=id&blobtable=MungoBlobs&blobwhere=1193776031728&ssbinary=true&lid=8104724130B17
- http://www.securityfocus.com/bid/32666