Linksys E2000 vulnerable to authentication bypass via position.js file
CVE-2024-27497
Currently unrated 🤨
Key Information
- Vendor
- Linksys
- Vendor
- CVE Published:
- 1 March 2024
Badges
😄 Trended👾 Exploit Exists📰 News Worthy
Summary
The Linksys E2000 router is vulnerable to an authentication bypass via the position.js file. This flaw allows attackers to obtain active session keys and gain unauthorized access to the router's admin interface. There is no official fix for this vulnerability, leaving users at risk of exploitation. The impact of this vulnerability includes potential data theft, device compromise, and the use of the network for malicious activity. The absence of a patch necessitates proactive measures to mitigate the risk of exploitation.
News Articles
Security For Everyone CVE-2024-27497
CVE-2024-27497 scanner - Improper Authentication vulnerability in Linksys E2000
Detects 'Improper Authentication' vulnerability in Linksys E2000 affects v. 1.0.06
8 months ago
securityonline.info CVE-2024-27497
CVE-2024-27497: Replace Your Linksys E2000 Router Now
A severe security hole (CVE-2024-27497) in the Linksys E2000 router lets hackers waltz right into your network
8 months ago