Gửi #626682: Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injectionthông tin

tiêu đềLinksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injection
Mô tảWe found an command Injection vulnerability in Linksys router with firmware which was released recently, allows remote attackers to execute arbitrary OS commands from a crafted request.In setDFSSetting function, lanNetmask、lanIp is directly passed by the attacker, so we can control the staticIp、lanNetmask、lanIp to attack the OS.
Nguồn⚠️ https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_52/52.md
Người dùng
 pjqwudi (UID 85106)
Đệ trình01/08/2025 04:29 (cách đây 11 các tháng)
Kiểm duyệt10/08/2025 10:03 (9 days later)
Trạng tháiđược chấp nhận
Mục VulDB319352 [Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 đến 20250801 /goform/setLan setDFSSetting lanNetmask/lanIp nâng cao đặc quyền]
điểm18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!