Описание
Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI.
Ссылки
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.04.022 (включая)
Одновременно
cpe:2.3:o:linksys:re6400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:linksys:re6400:1:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.2.04.022 (включая)
Одновременно
cpe:2.3:o:linksys:re6300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:linksys:re6300:1:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03363
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-77
Связанные уязвимости
github
больше 3 лет назад
Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI.
EPSS
Процентиль: 87%
0.03363
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-77