Gửi #631517: Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injectionthông tin

tiêu đề	Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) OS Command Injection
Mô tả	We found an command Injection vulnerability in Linksys router with firmware which was released recently, allows remote attackers to execute arbitrary OS commands from a crafted request.In addStaticRoute function, staticRoute_IP_setting、staticRoute_Netmask_setting、staticRoute_Gateway_setting、staticRoute_Metric_setting、staticRoute_destType_setting is directly passed by the attacker, so we can control the staticRoute_IP_setting、staticRoute_Netmask_setting、staticRoute_Gateway_setting、staticRoute_Metric_setting、staticRoute_destType_setting to attack the OS.
Nguồn	⚠️ https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_11/11.md
Người dùng	pjqwudi (UID 85106)
Đệ trình	10/08/2025 13:41 (cách đây 11 các tháng)
Kiểm duyệt	20/08/2025 13:17 (10 days later)
Trạng thái	được chấp nhận
Mục VulDB	320775 [Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 đến 1.2.07.001 /goform/addStaticRoute nâng cao đặc quyền]
điểm	20

Interested in the pricing of exploits?

See the underground prices here!