CVSS: 7.2EPSS: 1%CPEs: 2EXPL: 1CVE-2023-31741
https://notcve.org/view.php?id=CVE-2023-31741
There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ssid, wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges. • http://linksys.com https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31741/Linksys_E2000_RCE_2.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.2EPSS: 1%CPEs: 2EXPL: 1CVE-2023-31742
https://notcve.org/view.php?id=CVE-2023-31742
There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges. • http://linksys.com https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31742/Linksys_WRT54GL_RCE.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 3CVE-2022-38841 – Linksys AX3200 V1.1.00 - Command Injection
https://notcve.org/view.php?id=CVE-2022-38841
Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page. Linksys AX3200 version 1.1.00 suffers from a remote command injection vulnerability. • https://www.exploit-db.com/exploits/51035 http://packetstormsecurity.com/files/171433/Linksys-AX3200-1.1.00-Command-Injection.html https://drive.google.com/drive/folders/1rAa4zzJPwMop0AEMiI2NKqUaZno7Ccqb?usp=sharing • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2022-43972 – Null pointer dereference in Linksys WRT54GL
https://notcve.org/view.php?id=CVE-2022-43972
A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action. Existe una vulnerabilidad de desreferencia de puntero nulo en el router Linksys WRT54GL Wireless-G Broadband con firmware <= 4.30.18.006. Un atacante no autenticado puede desencadenar una desreferencia de puntero nulo en la función SOAP_action dentro del binario upnp a través de una solicitud POST maliciosa que invoca la acción AddPortMapping. • https://youtu.be/73-1lhvJPNg https://youtu.be/RfWVYCUBNZ0 https://youtu.be/TeWAmZaKQ_w • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 3CVE-2022-43973 – Arbitrary code execution in Linksys WRT54GL
https://notcve.org/view.php?id=CVE-2022-43973
An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root. Existe una vulnerabilidad de ejecución de código arbitrario en el router Linksys WRT54GL Wireless-G Broadband con firmware <= 4.30.18.006. La función Check_TSSI dentro del binario httpd utiliza entradas de usuario no validadas en la construcción de un comando del sistema. • https://youtu.be/73-1lhvJPNg https://youtu.be/RfWVYCUBNZ0 https://youtu.be/TeWAmZaKQ_w • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •