Vulnerability Details CVE-2022-24372
Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.3%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 4.9
References
- https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/
- https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt
- https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/
- https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt
Products affected by CVE-2022-24372
-
cpe:2.3:h:linksys:mr9600:-
-
cpe:2.3:o:linksys:mr9600_firmware:-