Gửi #626687: Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injectionthông tin

tiêu đềLinksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injection
Mô tảWe found an command Injection vulnerability in Linksys router with firmware which was released recently, allows remote attackers to execute arbitrary OS commands from a crafted request.In setDeviceName function, DeviceName is directly passed by the attacker, so we can control the DeviceName to attack the OS.
Nguồn⚠️ https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_57/57.md
Người dùng
 pjqwudi (UID 85106)
Đệ trình01/08/2025 04:32 (cách đây 11 các tháng)
Kiểm duyệt10/08/2025 10:06 (9 days later)
Trạng tháiđược chấp nhận
Mục VulDB319357 [Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 đến 20250801 /goform/setDeviceName nâng cao đặc quyền]
điểm18

Do you know our Splunk app?

Download it now for free!