Vulnerability Details CVE-2024-42633
A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.11
EPSS Ranking 93.1%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2024-42633
-
cpe:2.3:h:linksys:e1500:-
-
cpe:2.3:o:linksys:e1500_firmware:1.0.06.001