Shodan
Vulnerabilities
Vulnerable Software
Linksys:  Security Vulnerabilities
CVE-2024-48286
Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function.
CVSS Score
8.0
EPSS Score
0.241
Published
2024-11-21
CVE-2024-8408
A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validate_services_port of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument services_array leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
5.3
EPSS Score
0.003
Published
2024-09-04
CVE-2024-42633
A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.
CVSS Score
8.8
EPSS Score
0.033
Published
2024-08-19
CVE-2024-40495
A vulnerability was discovered in Linksys Router E2500 with firmware 2.0.00, allows authenticated attackers to execute arbitrary code via the hnd_parentalctrl_unblock function.
CVSS Score
8.0
EPSS Score
0.002
Published
2024-07-24
CVE-2024-41281
Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get_merge_mac function.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-07-19
CVE-2024-40750
Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-07-09
CVE-2024-36821
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root.
CVSS Score
6.8
EPSS Score
0.131
Published
2024-06-11
CVE-2023-30305
An issue discovered in Linksys E5600 routers allows attackers to hijack TCP sessions which could lead to a denial of service.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-05-28
CVE-2023-46012
Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP.
CVSS Score
9.8
EPSS Score
0.346
Published
2024-05-07
CVE-2024-33788
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the PinCode parameter at /API/info form endpoint.
CVSS Score
8.0
EPSS Score
0.026
Published
2024-05-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved