Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linksys vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2013-4658
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.
Linksys Ea6500 Firmware -
10
CVSSv2
CVE-2019-11535
Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 up to and including 1.2.04.022) allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI.
Linksys Re6400 Firmware
Linksys Re6300 Firmware
5
CVSSv2
CVE-2019-7579
An issue exists on Linksys WRT1900ACS 1.0.3.187766 devices. An ability exists for an unauthenticated user to browse a confidential ui/1.0.99.187766/dynamic/js/setup.js.localized file on the router's webserver, allowing for an malicious user to identify possible passwords tha...
Linksys Wrt1900acs Firmware 1.0.3.187766
9
CVSSv2
CVE-2009-5157
On Linksys WAG54G2 1.00.10 devices, there is authenticated command injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable.
Linksys Wag54g2 Firmware 1.00.10
7.2
CVSSv2
CVE-2019-7311
An issue exists on Linksys WRT1900ACS 1.0.3.187766 devices. A lack of encryption in how the user login cookie (admin-auth) is stored on a victim's computer results in the admin password being discoverable by a local attacker, and usable to gain administrative access to the v...
Linksys Wrt1900acs Firmware 1.0.3.187766
9
CVSSv2
CVE-2018-3955
An exploitable operating system command injection exists in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04). Specially crafted entries to network configuration information can cause execution of arbitrary syste...
Linksys E1200 Firmware 2.0.09
Linksys E2500 Firmware 3.0.04
9
CVSSv2
CVE-2018-3953
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAM. Data entered into the ...
Linksys E1200 Firmware 2.0.09
Linksys E2500 Firmware 3.0.04
9
CVSSv2
CVE-2018-3954
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAMData entered into the '...
Linksys E1200 Firmware 2.0.09
Linksys E2500 Firmware 3.0.04
9.3
CVSSv2
CVE-2018-17208
Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker with full root access, via cgi-bin/zbtest.cgi or cgi-bin/zbtest2.cgi (scripts that can be discovered with binwalk on the firmware, but are not visible in the web interface). This occ...
Linksys Velop Firmware 1.1.2.187020
4.3
CVSSv2
CVE-2012-6708
jQuery prior to 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' char...
Jquery Jquery
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »