{"api_version":"1","generated_at":"2026-04-26T16:47:23+00:00","cve":"CVE-2002-2159","urls":{"html":"https://cve.report/CVE-2002-2159","api":"https://cve.report/api/cve/CVE-2002-2159.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2002-2159","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2002-2159"},"summary":{"title":"CVE-2002-2159","description":"Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access.","state":"PUBLISHED","assigner":"mitre","published_at":"2002-12-31 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securiteam.com/securitynews/5OP022K7GE.html","name":"http://www.securiteam.com/securitynews/5OP022K7GE.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"'Linksys Cable/DSL 4port Exposure Issue' - SecuriTeam","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.iss.net/security_center/static/9330.php","name":"http://www.iss.net/security_center/static/9330.php","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"ISS X-Force Database: linksys-etherfast-admin-enabled (9330): Linksys EtherFast routers enable remote administration upon firmware upgrade","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/4987","name":"http://www.securityfocus.com/bid/4987","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Sorry, the content you are trying to view does not exist.\n\t\t\t\t\t\tIf you feel this message is in error, please email the webmaster.","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2002-2159","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2002-2159","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2002","cve_id":"2159","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"linksys","cpe5":"befsr11","cpe6":"1.42.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2002","cve_id":"2159","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"linksys","cpe5":"befsr41","cpe6":"1.42.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2002","cve_id":"2159","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"linksys","cpe5":"befsru31","cpe6":"1.42.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T03:51:17.490Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"linksys-etherfast-admin-enabled(9330)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"http://www.iss.net/security_center/static/9330.php"},{"name":"4987","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/4987"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.securiteam.com/securitynews/5OP022K7GE.html"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2002-09-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-11T15:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"linksys-etherfast-admin-enabled(9330)","tags":["vdb-entry","x_refsource_XF"],"url":"http://www.iss.net/security_center/static/9330.php"},{"name":"4987","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/4987"},{"tags":["x_refsource_MISC"],"url":"http://www.securiteam.com/securitynews/5OP022K7GE.html"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2002-2159","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"linksys-etherfast-admin-enabled(9330)","refsource":"XF","url":"http://www.iss.net/security_center/static/9330.php"},{"name":"4987","refsource":"BID","url":"http://www.securityfocus.com/bid/4987"},{"name":"http://www.securiteam.com/securitynews/5OP022K7GE.html","refsource":"MISC","url":"http://www.securiteam.com/securitynews/5OP022K7GE.html"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2002-2159","datePublished":"2005-11-16T21:17:00.000Z","dateReserved":"2005-11-16T00:00:00.000Z","dateUpdated":"2024-08-08T03:51:17.490Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2002-12-31 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:linksys:befsr11:1.42.7:*:*:*:*:*:*:*","matchCriteriaId":"A7F5E5AA-6469-4405-BDE9-AD4D174A1A6F"},{"vulnerable":true,"criteria":"cpe:2.3:h:linksys:befsr41:1.42.7:*:*:*:*:*:*:*","matchCriteriaId":"525E00CA-DEEA-410F-A90C-C73C8D304E36"},{"vulnerable":true,"criteria":"cpe:2.3:h:linksys:befsru31:1.42.7:*:*:*:*:*:*:*","matchCriteriaId":"958AF49D-FB97-476F-B8DF-5A760F72DBC6"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2002","CveId":"2159","Ordinal":"1","Title":"CVE-2002-2159","CVE":"CVE-2002-2159","Year":"2002"},"notes":[{"CveYear":"2002","CveId":"2159","Ordinal":"1","NoteData":"Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the \"Block WAN\" and \"Remote Admin\" options are disabled, which allows remote attackers to gain access.","Type":"Description","Title":"CVE-2002-2159"},{"CveYear":"2002","CveId":"2159","Ordinal":"2","NoteData":"2005-11-16","Type":"Other","Title":"Published"},{"CveYear":"2002","CveId":"2159","Ordinal":"3","NoteData":"2017-07-11","Type":"Other","Title":"Modified"}]}}}