Vulnerability Details CVE-2013-4658
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://www.ise.io/casestudies/exploiting-soho-routers/
- https://www.ise.io/soho_service_hacks/
- https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf
- https://www.ise.io/casestudies/exploiting-soho-routers/
- https://www.ise.io/soho_service_hacks/
- https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf
Products affected by CVE-2013-4658
-
cpe:2.3:h:linksys:ea6500:-
-
cpe:2.3:o:linksys:ea6500_firmware:-