Vulnerabilities > Linksys > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-04 | CVE-2024-8408 | Out-of-bounds Write vulnerability in Linksys Wrt54G Firmware 4.21.5 A vulnerability was found in Linksys WRT54G 4.21.5. | 9.8 |
| 2022-08-28 | CVE-2022-38555 | Out-of-bounds Write vulnerability in Linksys E1200 Firmware 1.0.04 Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name. | 9.8 |
| 2020-12-26 | CVE-2020-35713 | OS Command Injection vulnerability in Linksys Re6500 Firmware Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page. | 9.8 |
| 2019-11-21 | CVE-2019-16340 | Forced Browsing vulnerability in Linksys products Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI. | 9.8 |
| 2019-10-25 | CVE-2013-4658 | Path Traversal vulnerability in Linksys Ea6500 Firmware Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. | 9.8 |
| 2019-07-17 | CVE-2019-11535 | Command Injection vulnerability in Linksys Re6300 Firmware and Re6400 Firmware Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. | 9.8 |
| 2017-12-21 | CVE-2017-17411 | OS Command Injection vulnerability in Linksys Wvbr0 Firmware This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. | 9.8 |
| 2010-06-10 | CVE-2010-1573 | Use of Hard-coded Credentials vulnerability in Linksys Wap54G Firmware Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi. | 9.8 |