Linksys (A division of Cisco Systems) Affected

Notified:  August 15, 2008 Updated: December 05, 2008

Status

Affected

Vendor Statement

Vulnerability 1: Remote Sensitive Information Disclosure Description: Data under "setup wizard" communication are not encrypted. Camera settings will be visible by using packet capture tools. Solution: 2300 and 210 have encrypted data and have no such issue. To decode the data, an administrator username/password is a MUST.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

This vulnerability is addressed in WVC54GC firmware version 1.25. Please see the release notes for more details.