BugTraq
Linksys E1200 and E2500 (Missing authorization on parental control) Aug 14 2016 09:40PM
samhuntley84 gmail com


Linksys E1200 hardware version 2.2 and firmware version 2.0.07 (build 2) suffer from missing authorization control on parental control page. This allows an attacker to change the parental controls set up by parents to keep kids safe from visiting adult sites and probably compromise a kid?s device.

Info at
http://www.samuelhuntley.com/?p=132
http://www.samuelhuntley.com/?p=143

Initial disclosure date: 04/12/16
Fixed date as per Linksys contact: 7/4/16
Linksys contact: Benjamin Samuels, Calvin Clark (security (at) linksys (dot) com [email concealed])

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus