Vulnerabilities > Linksys
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-25 | CVE-2013-4658 | Path Traversal vulnerability in Linksys Ea6500 Firmware Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. | 9.8 |
| 2019-07-17 | CVE-2019-11535 | Command Injection vulnerability in Linksys Re6300 Firmware and Re6400 Firmware Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. | 9.8 |
| 2019-06-17 | CVE-2019-7579 | Improper Authentication vulnerability in Linksys Wrt1900Acs Firmware 1.0.3.187766 An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. | 7.5 |
| 2019-06-11 | CVE-2009-5157 | Command Injection vulnerability in Linksys Wag54G2 Firmware 1.00.10 On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable. | 8.8 |
| 2019-06-06 | CVE-2019-7311 | Missing Encryption of Sensitive Data vulnerability in Linksys Wrt1900Acs Firmware 1.0.3.187766 An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. | 7.8 |
| 2018-10-17 | CVE-2018-3955 | OS Command Injection vulnerability in Linksys E1200 Firmware and E2500 Firmware An exploitable operating system command injection exists in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04). | 7.2 |
| 2018-10-17 | CVE-2018-3954 | OS Command Injection vulnerability in Linksys E1200 Firmware and E2500 Firmware Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAMData entered into the 'Router Name' input field through the web portal is submitted to apply.cgi as the value to the 'machine_name' POST parameter. | 7.2 |
| 2018-10-17 | CVE-2018-3953 | OS Command Injection vulnerability in Linksys E1200 Firmware and E2500 Firmware Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAM. | 7.2 |
| 2018-09-19 | CVE-2018-17208 | OS Command Injection vulnerability in Linksys Velop Firmware 1.1.2.187020 Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker with full root access, via cgi-bin/zbtest.cgi or cgi-bin/zbtest2.cgi (scripts that can be discovered with binwalk on the firmware, but are not visible in the web interface). | 8.8 |
| 2017-12-21 | CVE-2017-17411 | OS Command Injection vulnerability in Linksys Wvbr0 Firmware This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. | 9.8 |