CVSS: 8.3EPSS: 1%CPEs: 2EXPL: 3CVE-2022-43973 – Arbitrary code execution in Linksys WRT54GL
https://notcve.org/view.php?id=CVE-2022-43973
09 Jan 2023 — An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root. Existe una vulnerabilidad de ejecución d... • https://youtu.be/73-1lhvJPNg • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-35572
https://notcve.org/view.php?id=CVE-2022-35572
12 Sep 2022 — On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vendors/devices due to code reuse), the /SysInfo.htm URI does not require a session ID. This web page calls a show_sysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses, serial numbers, WPS Pins, and hardware/firmware versions, and prints this information into the web page. This web page is visible when remote management is enabled. A user who has access to the web interface of the device can extra... • https://willgu.es/?p=76 • CWE-306: Missing Authentication for Critical Function •
CVSS: 10.0EPSS: 13%CPEs: 2EXPL: 1CVE-2022-38555
https://notcve.org/view.php?id=CVE-2022-38555
28 Aug 2022 — Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name. Linksys E1200 versión v1.0.04, es vulnerable a un desbordamiento del búfer por medio de la función ej_get_web_page_name. • http://linksys.com • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38132 – Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By specifying username and password, an attacker connected to the router's web interface can execute arbitrary OS commands.
https://notcve.org/view.php?id=CVE-2022-38132
23 Aug 2022 — Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By specifying username and password, an attacker connected to the router's web interface can execute arbitrary OS commands. The username and password fields are not sanitized correctly and are used as URL construction arguments, allowing URL redirection to an arbitrary server, downloading an arbitrary script file, and eventually executing the file in the device. This issue affects: Linksys MR8300 Router 1.0. Una vul... • https://downloads.linksys.com/support/assets/releasenotes/MR8300_1.1.10.210186_Customer_ReleaseNotes.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 1CVE-2022-24372
https://notcve.org/view.php?id=CVE-2022-24372
27 Apr 2022 — Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share. Los dispositivos Linksys MR9600 versiones anteriores a 2.0.5, permiten a atacantes leer archivos arbitrarios por medio de un enlace simbólico al directorio root de un recurso compartido NAS SMB • https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 91%CPEs: 2EXPL: 2CVE-2020-35713
https://notcve.org/view.php?id=CVE-2020-35713
26 Dec 2020 — Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page. Los dispositivos Belkin LINKSYS RE6500 versiones anteriores a 1.0.012.001, permiten a atacantes remotos ejecutar comandos arbitrarios o establecer una nueva contraseña por medio de metacaracteres de shell en la página goform/setSysAdm • https://github.com/Al1ex/CVE-2020-35713 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 1CVE-2020-35714
https://notcve.org/view.php?id=CVE-2020-35714
26 Dec 2020 — Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program. Los dispositivos Belkin LINKSYS RE6500 versiones anteriores a 1.0.11.001, permiten a usuarios autenticados remotos ejecutar comandos arbitrarios por medio de goform/systemCommand?command= en conjunto con el programa goform/pingstart • https://bugcrowd.com/disclosures/72d7246b-f77f-4f7f-9bd1-fdc35663cc92/linksys-re6500-unauthenticated-rce-working-across-multiple-fw-versions • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 4%CPEs: 2EXPL: 1CVE-2020-35715
https://notcve.org/view.php?id=CVE-2020-35715
26 Dec 2020 — Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page. Los dispositivos Belkin LINKSYS RE6500 versiones anteriores a 1.0.012.001, permiten a usuarios autenticados remotos ejecutar comandos arbitrarios por medio de metacaracteres de shell en un nombre de archivo a la página upload_settings.cgi • https://bugcrowd.com/disclosures/72d7246b-f77f-4f7f-9bd1-fdc35663cc92/linksys-re6500-unauthenticated-rce-working-across-multiple-fw-versions • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 1CVE-2020-35716
https://notcve.org/view.php?id=CVE-2020-35716
26 Dec 2020 — Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to cause a persistent denial of service (segmentation fault) via a long /goform/langSwitch langSelectionOnly parameter. Los dispositivos Belkin LINKSYS RE6500 versiones anteriores a 1.0.012.001, permiten a atacantes remotos causar una denegación de servicio persistente (fallo de segmentación) por medio de un parámetro largo langSelectionOnly de /goform/langSwitch • https://bugcrowd.com/disclosures/72d7246b-f77f-4f7f-9bd1-fdc35663cc92/linksys-re6500-unauthenticated-rce-working-across-multiple-fw-versions •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2009-5140
https://notcve.org/view.php?id=CVE-2009-5140
12 Feb 2020 — The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue. La implementación SIP en el adaptador de teléfono Linksys SPA2102, proporciona credenciales en hash en respuesta a un desafío de autenticación no válido, lo que facilita a atacantes remotos obtener acceso por medio de un ataque de fuerza bruta, r... • http://voipsa.org/pipermail/voipsec_voipsa.org/2009-April/002946.html • CWE-307: Improper Restriction of Excessive Authentication Attempts •