Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linksys vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-3574
Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote malicious users to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setc...
Linksys Wag54gs 1.00.06
1 EDB exploit
10
CVSSv2
CVE-2017-17411
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper v...
Linksys Wvbr0 Firmware
2 EDB exploits
6.5
CVSSv2
CVE-2020-35714
Belkin LINKSYS RE6500 devices prior to 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.
Linksys Re6500 Firmware
9
CVSSv2
CVE-2020-35715
Belkin LINKSYS RE6500 devices prior to 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page.
Linksys Re6500 Firmware
10
CVSSv2
CVE-2010-1573
Linksys WAP54Gv3 firmware 3.04.03 and previous versions uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote malicious users to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameter...
Linksys Wap54g Firmware
7.1
CVSSv2
CVE-2008-4441
The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote malicious users to cause a denial of service (reboot or hang-up...
Linksys Wap400n 1.2.14
NA
CVE-2022-35572
On Linksys E5350 WiFi Router with firmware version 1.0.00.037 and lower, (and potentially other vendors/devices due to code reuse), the /SysInfo.htm URI does not require a session ID. This web page calls a show_sysinfo function which retrieves WPA passwords, SSIDs, MAC Addresses,...
Linksys E5350 Firmware
7.8
CVSSv2
CVE-2006-7121
The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote malicious users to cause a denial of service (reboot) via (1) a long URL, or a long (2) username or (3) password during Basic Authentication.
Linksys Spa921 1.0.0
6.4
CVSSv2
CVE-2004-0312
Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2.
Linksys Wap55ag 1.0.7
1 EDB exploit
NA
CVE-2022-38132
Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By specifying username and password, an attacker connected to the router's web interface can execute arbitrary OS commands. The username and password fields are not sanitized correct...
Linksys Mr8300 Firmware 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »