CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11535

Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.034

EPSS Ranking 86.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2019-11535

Linksys » Re6300 » Version: 1

cpe:2.3:h:linksys:re6300:1
Linksys » Re6400 » Version: 1

cpe:2.3:h:linksys:re6400:1
Linksys » Re6300 Firmware » Version: 1.1.00.010

cpe:2.3:o:linksys:re6300_firmware:1.1.00.010
Linksys » Re6300 Firmware » Version: 1.1.01.003

cpe:2.3:o:linksys:re6300_firmware:1.1.01.003
Linksys » Re6300 Firmware » Version: 1.2.02.002

cpe:2.3:o:linksys:re6300_firmware:1.2.02.002
Linksys » Re6300 Firmware » Version: 1.2.03.004

cpe:2.3:o:linksys:re6300_firmware:1.2.03.004
Linksys » Re6300 Firmware » Version: 1.2.04.022

cpe:2.3:o:linksys:re6300_firmware:1.2.04.022
Linksys » Re6400 Firmware » Version: 1.1.00.010

cpe:2.3:o:linksys:re6400_firmware:1.1.00.010
Linksys » Re6400 Firmware » Version: 1.1.01.003

cpe:2.3:o:linksys:re6400_firmware:1.1.01.003
Linksys » Re6400 Firmware » Version: 1.2.02.002

cpe:2.3:o:linksys:re6400_firmware:1.2.02.002
Linksys » Re6400 Firmware » Version: 1.2.03.004

cpe:2.3:o:linksys:re6400_firmware:1.2.03.004
Linksys » Re6400 Firmware » Version: 1.2.04.022

cpe:2.3:o:linksys:re6400_firmware:1.2.04.022

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11535

Products

Pricing

Contact Us