Linksys Luki w zabezpieczeniach

Oś czasu

Rodzaj

Produkt

Linksys WRT54G12
Linksys WRT54GL9
Linksys WAG54GS6
Linksys BEFSR416
Linksys E12004

Przeciwdziałanie

Official Fix33
Temporary Fix0
Workaround7
Unavailable13
Not Defined55

Wykorzystywanie

High12
Functional1
Proof-of-Concept33
Unproven7
Not Defined55

Wektor dostępu

Not Defined0
Physical0
Local1
Adjacent14
Network93

Uwierzytelnianie

Not Defined0
High6
Low28
None74

Interakcja z użytkownikiem

Not Defined0
Required14
None94

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤44
≤514
≤621
≤725
≤826
≤96
≤1012

CVSSv3 Temp

≤10
≤20
≤30
≤47
≤519
≤616
≤730
≤818
≤910
≤108

VulDB

≤10
≤20
≤30
≤44
≤520
≤627
≤715
≤828
≤92
≤1012

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤811
≤97
≤104

CNA

≤10
≤20
≤30
≤40
≤53
≤60
≤71
≤86
≤91
≤100

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k9
<2k59
<5k35
<10k1
<25k3
<50k0
<100k1
≥100k0

Wykorzystaj dzisiaj

<1k99
<2k8
<5k0
<10k1
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (63): AX3200 (1), BEFN2PS4 (1), BEF Router (1), BEFSR11 (2), BEFSR41 (6), BEFSR81 (1), BEFSRU31 (2), BEFSX41 (1), BEFVP41 (2), BEFW11S4 (4), BEGSR41 (1), DI-704 (1), DI-804 (1), E1200 (4), E1700 (2), E2000 (3), E2500 (3), E5350 (1), EA (2), EA4500 (1), EA6500 (4), EtherFast (1), MR8300 (1), MR9600 (1), Psus4 Printserver (1), RE6300 (1), RE6400 (1), RE6500 (3), RT31P2 (1), Router (2), SPA-2102 Phone Adapter (1), SPA941 (2), Spa921 (1), Velop (1), WAG54G2 (1), WAG54GS (6), WAG200G (3), WAP54Gv3 (2), WAP55AG (1), WAP4400N (1), WET11 (2), WIP 330 Wireless-G IP Phone (1), WPC300N Wireless-n Notebook Adapter Driver (1), WRT54G (12), WRT54GC (1), WRT54GL (9), WRT54GS (1), WRT54G V5 (1), WRT54G Wireless-G Router (1), WRT54GX (1), WRT54g (2), WRT160N (3), WRT300N (1), WRT310N (1), WRT1900ACS (2), WRV54G (1), WUMC710 (1), WVBR0 (1), WVC11B (2), WVC54GCA (1), WVC80N (1), Wap400n (2), X3000 (1)

Link to Vendor Website: https://www.linksys.com/

OpublikowanoBaseTempSłaby punktProdWykPrzCTIEPSSCVE
2024-03-016.36.3Linksys E2000 position.js weak authenticationRouter Operating SystemNot DefinedNot Defined0.080.00053CVE-2024-27497
2024-02-278.08.0Linksys E1700 setDateTime Privilege EscalationRouter Operating SystemNot DefinedNot Defined0.040.00043CVE-2024-22544
2024-02-276.36.3Linksys E1700 GET Request ExportSettings weak authenticationRouter Operating SystemNot DefinedNot Defined0.020.00043CVE-2024-22543
2024-02-094.34.1Linksys WRT54GL Web Management Interface SysInfo1.htm information disclosureRouter Operating SystemProof-of-ConceptNot Defined0.070.00046CVE-2024-1406
2024-02-094.34.1Linksys WRT54GL Web Management Interface wlaninfo.htm information disclosureRouter Operating SystemProof-of-ConceptNot Defined0.080.00056CVE-2024-1405
2024-02-095.45.2Linksys WRT54GL Web Management Interface SysInfo.htm information disclosureRouter Operating SystemProof-of-ConceptNot Defined0.090.00098CVE-2024-1404
2023-05-236.36.3Linksys E2000 POST Request Start_EPI privilege escalationRouter Operating SystemNot DefinedNot Defined0.050.00379CVE-2023-31741
2023-05-236.36.3Linksys E2000 POST Request apply.cgi privilege escalationRouter Operating SystemNot DefinedNot Defined0.020.00379CVE-2023-31740
2023-05-226.36.3Linksys WRT54GL POST Request Start_EPI privilege escalationRouter Operating SystemNot DefinedNot Defined0.000.00379CVE-2023-31742
2023-04-165.55.3Linksys AX3200 Diagnostics Traceroute Page privilege escalationNieznanyNot DefinedNot Defined0.020.00931CVE-2022-38841
2023-01-106.86.8Linksys WRT54GL upnp soap_action denial of serviceRouter Operating SystemNot DefinedNot Defined0.000.00091CVE-2022-43972
2023-01-107.27.2Linksys WUMC710 httpd setNTP.cgi do_setNTP privilege escalationNieznanyNot DefinedNot Defined0.020.00144CVE-2022-43971
2023-01-107.27.2Linksys WRT54GL httpd apply.cgi Start_EPI memory corruptionRouter Operating SystemNot DefinedNot Defined0.020.00227CVE-2022-43970
2023-01-107.27.2Linksys WRT54GL httpd apply.cgi Check_TSSI privilege escalationRouter Operating SystemNot DefinedNot Defined0.050.00149CVE-2022-43973
2022-09-136.96.9Linksys E5350 Web Interface SysInfo.htm show_sysinfo privilege escalationRouter Operating SystemNot DefinedNot Defined0.040.00183CVE-2022-35572
2022-08-287.67.5Linksys E1200 ej_get_web_page_name memory corruptionRouter Operating SystemNot DefinedNot Defined0.000.00190CVE-2022-38555
2022-08-248.18.1Linksys MR8300 DDNS Service privilege escalationNieznanyNot DefinedNot Defined0.070.00043CVE-2022-38132
2022-04-284.34.1Linksys MR9600 NAS SMB Share privilege escalationNieznanyNot DefinedOfficial Fix0.020.00073CVE-2022-24372
2020-12-264.34.3Linksys RE6500 langSwitch denial of serviceNieznanyNot DefinedOfficial Fix0.000.00515CVE-2020-35716
2020-12-266.36.3Linksys RE6500 upload_settings.cgi privilege escalationNieznanyNot DefinedOfficial Fix0.040.00942CVE-2020-35715
2020-12-266.36.3Linksys RE6500 systemCommand privilege escalationNieznanyNot DefinedOfficial Fix0.020.00942CVE-2020-35714
2019-10-258.58.5Linksys EA6500 SMB directory traversalRouter Operating SystemNot DefinedNot Defined0.000.00721CVE-2013-4658
2019-07-178.58.5Linksys RE6300/RE6400 Web UI privilege escalationNieznanyNot DefinedNot Defined0.040.00794CVE-2019-11535
2019-06-176.46.4Linksys WRT1900ACS Webserver setup.js.localized Password privilege escalationRouter Operating SystemNot DefinedNot Defined0.020.00365CVE-2019-7579
2019-06-117.57.2Linksys WAG54G2 setup.cgi privilege escalationNieznanyProof-of-ConceptOfficial Fix0.000.54224CVE-2009-5157

83 więcej wpisów nie jest pokazywanych

Do you want to use VulDB in your project?

Use the official API to access entries easily!