Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linksys vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-1243
Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote malicious users to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.
Linksys Wrt300n
4
CVSSv2
CVE-2008-1263
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
Linksys Wrt54g
7.8
CVSSv2
CVE-2008-1265
The Linksys WRT54G router allows remote malicious users to cause a denial of service (device restart) via a long username and password to the FTP interface.
Linksys Wrt54g
10
CVSSv2
CVE-2013-4658
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.
Linksys Ea6500 Firmware -
NA
CVE-2022-35572
On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vendors/devices due to code reuse), the /SysInfo.htm URI does not require a session ID. This web page calls a show_sysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses,...
Linksys E5350 Firmware
4.9
CVSSv2
CVE-2022-24372
Linksys MR9600 devices prior to 2.0.5 allow malicious users to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.
Linksys Mr9600 Firmware
6.8
CVSSv2
CVE-2017-10677
Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version prior to 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP.
Linksys Ea4500 Firmware
10
CVSSv2
CVE-2009-3341
Buffer overflow on the Linksys WRT54GL wireless router allows remote malicious users to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 up to and including 8.11. NOTE: as of 20090917, this disclosure has no a...
Linksys Wrt54gl
6.5
CVSSv2
CVE-2020-35714
Belkin LINKSYS RE6500 devices prior to 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.
Linksys Re6500 Firmware
7.8
CVSSv2
CVE-2020-35716
Belkin LINKSYS RE6500 devices prior to 1.0.012.001 allow remote malicious users to cause a persistent denial of service (segmentation fault) via a long /goform/langSwitch langSelectionOnly parameter.
Linksys Re6500 Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »