| Title | Linksys Holdings, Inc. FGW3000-AH/FGW3000-HK <=Ver. 1.0.17.000000 Service parameter injection |
|---|
| Description | Linksys routers FGW3000-AH and FGW3000-HK are found to have a serious command execution vulnerability. An attacker can issue an unauthorized request via HTTP POST and execute commands by sending a special POST request via control_panel_sw.asp. |
|---|
| Source | ⚠️ https://github.com/CH13hh/tmp_store_cc/blob/main/FGW3000/2.md |
|---|
| User | CH13hh (UID 83683) |
|---|
| Submission | 04/26/2025 16:38 (1 Year ago) |
|---|
| Moderation | 05/20/2025 15:01 (24 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 309651 [Linksys FGW3000-AH/FGW3000-HK up to 1.0.17.000000 HTTP POST Request /cgi-bin/sysconf.cgi control_panel_sw filename command injection] |
|---|
| Points | 17 |
|---|