Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linksys vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-35713
Belkin LINKSYS RE6500 devices prior to 1.0.012.001 allow remote malicious users to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.
Linksys Re6500 Firmware
1 Github repository
8.8
CVSSv3
CVE-2020-35714
Belkin LINKSYS RE6500 devices prior to 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.
Linksys Re6500 Firmware
8.8
CVSSv3
CVE-2020-35715
Belkin LINKSYS RE6500 devices prior to 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page.
Linksys Re6500 Firmware
7.5
CVSSv3
CVE-2020-35716
Belkin LINKSYS RE6500 devices prior to 1.0.012.001 allow remote malicious users to cause a persistent denial of service (segmentation fault) via a long /goform/langSwitch langSelectionOnly parameter.
Linksys Re6500 Firmware
7.2
CVSSv3
CVE-2022-43970
A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitra...
Linksys Wrt54gl Firmware
4.6
CVSSv3
CVE-2022-24372
Linksys MR9600 devices prior to 2.0.5 allow malicious users to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.
Linksys Mr9600 Firmware
NA
CVE-2007-6707
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and previous versions firmware allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574.
Linksys Wag54gs
NA
CVE-2005-2434
Linksys WRT54G router uses the same private key and certificate for every router, which allows remote malicious users to sniff the SSL connection and obtain sensitive information.
Linksys Wrt54g
NA
CVE-2007-2270
The Linksys SPA941 VoIP Phone allows remote malicious users to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.
Linksys Spa941
2 EDB exploits
8.8
CVSSv3
CVE-2009-5140
The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote malicious users to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue...
Linksys Spa2102 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »