Shodan
Vulnerabilities
Vulnerable Software
Linksys:  Security Vulnerabilities
CVE-2024-57228
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
CVSS Score
8.0
EPSS Score
0.025
Published
2025-01-10
CVE-2024-57222
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
CVSS Score
6.3
EPSS Score
0.014
Published
2025-01-10
CVE-2024-48286
Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function.
CVSS Score
8.0
EPSS Score
0.011
Published
2024-11-21
CVE-2024-8408
A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validate_services_port of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument services_array leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.3
EPSS Score
0.004
Published
2024-09-04
CVE-2024-42633
A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.
CVSS Score
8.8
EPSS Score
0.11
Published
2024-08-19
CVE-2024-41281
Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get_merge_mac function.
CVSS Score
8.8
EPSS Score
0.0
Published
2024-07-19
CVE-2024-40750
Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation.
CVSS Score
5.3
EPSS Score
0.0
Published
2024-07-09
CVE-2024-36821
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root.
CVSS Score
6.8
EPSS Score
0.104
Published
2024-06-11
CVE-2023-30305
An issue discovered in Linksys E5600 routers allows attackers to hijack TCP sessions which could lead to a denial of service.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-05-28
CVE-2023-46012
Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP.
CVSS Score
9.8
EPSS Score
0.237
Published
2024-05-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved