Command Execution Vulnerability in Linksys RE7000
CVE-2024-25852
Currently unrated
Summary
The Linksys RE7000 devices, specifically versions v2.0.9, v2.0.11, and v2.0.15, are susceptible to a command execution vulnerability via the AccessControlList parameter. This flaw enables an attacker to execute arbitrary commands that could lead to the unauthorized elevation of privileges, allowing them to gain administrator access to the device. Such access can compromise the security settings, data integrity, and overall functionality of the networking equipment, posing significant risks to users and their networks.
References
EPSS Score
92% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved