提出 #626679: Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injection情報

タイトルLinksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injection
説明We found an command Injection vulnerability in Linksys router with firmware which was released recently, allows remote attackers to execute arbitrary OS commands from a crafted request.In systemCommand function, ping_times、ping_size、command is directly passed by the attacker, so we can control the pwd to attack the OS.
ソース⚠️ https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_49/49.md
ユーザー
 pjqwudi (UID 85106)
送信2025年08月01日 04:27 (11 月 ago)
モデレーション2025年08月10日 09:38 (9 days later)
ステータス重複
VulDBエントリ166834 [Linksys RE6500 以前は 1.0.11.001 goform/systemCommand command 特権昇格]
ポイント0

Do you need the next level of professionalism?

Upgrade your account now!