إرسال #626679: Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injectionالمعلومات

عنوانLinksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injection
الوصفWe found an command Injection vulnerability in Linksys router with firmware which was released recently, allows remote attackers to execute arbitrary OS commands from a crafted request.In systemCommand function, ping_times、ping_size、command is directly passed by the attacker, so we can control the pwd to attack the OS.
المصدر⚠️ https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_49/49.md
المستخدم
 pjqwudi (UID 85106)
ارسال01/08/2025 04:27 AM (11 أشهر منذ)
الاعتدال10/08/2025 09:38 AM (9 days later)
الحالةمكرر
إدخال VulDB166834 [Linksys RE6500 قبل 1.0.11.001 goform/systemCommand command تجاوز الصلاحيات]
النقاط0

Might our Artificial Intelligence support you?

Check our Alexa App!