Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linksys vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-2799
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions prior to 4.20.7, allows remote malicious users to execute arbitrary code via a long HTTP POST request.
Linksys Wrt54g 3.01.3
Linksys Wrt54g 3.03.6
2 EDB exploits
10
CVSSv2
CVE-2013-4658
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.
Linksys Ea6500 Firmware -
9
CVSSv2
CVE-2020-35715
Belkin LINKSYS RE6500 devices prior to 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page.
Linksys Re6500 Firmware
7.8
CVSSv2
CVE-2020-35716
Belkin LINKSYS RE6500 devices prior to 1.0.012.001 allow remote malicious users to cause a persistent denial of service (segmentation fault) via a long /goform/langSwitch langSelectionOnly parameter.
Linksys Re6500 Firmware
10
CVSSv2
CVE-2010-1573
Linksys WAP54Gv3 firmware 3.04.03 and previous versions uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote malicious users to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameter...
Linksys Wap54g Firmware
4.3
CVSSv2
CVE-2007-6707
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and previous versions firmware allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574.
Linksys Wag54gs
10
CVSSv2
CVE-2008-1247
The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote malicious users to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) c...
Linksys Wrt54g
1 EDB exploit
4.3
CVSSv2
CVE-2007-5411
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the From header in a SIP message.
Linksys Spa941
1 EDB exploit
10
CVSSv2
CVE-2020-35713
Belkin LINKSYS RE6500 devices prior to 1.0.012.001 allow remote malicious users to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.
Linksys Re6500 Firmware
1 Github repository
6.5
CVSSv2
CVE-2020-35714
Belkin LINKSYS RE6500 devices prior to 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.
Linksys Re6500 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »