Linksys E5600 v1.1.0.26 Command Injection Vulnerability
CVE-2024-33788

Currently unrated

Key Information:

Vendor
Linksys
Vendor
CVE Published:
6 May 2024

Badges

📰 News Worthy

Summary

CVE-2024-33788 and CVE-2024-33789 are two command injection vulnerabilities discovered in Linksys routers. These vulnerabilities allow threat actors to execute unauthorized commands on the affected devices, although no exploitation by ransomware groups has been reported. The vulnerabilities are associated with insufficient validation of user inputs in the routers' Wi-Fi configuration settings and diagnostics menu. Users are advised to upgrade to the latest versions of the software to prevent exploitation by threat actors.

News Articles

favicon imageGBHackers on Security

Linksys Router Flaw Let Attackers Perform Command Injection, PoC Released

Linksys routers were discovered with two vulnerabilities which had the CVEs CVE-2024-33788 and CVE-2024-33789. These vulnerabilities were

9 months ago

References

https://github.com/ymkyu/CVE/tree/main/CVE-2024-33788

Timeline

  • 📰

    First article discovered by GBHackers on Security

  • Vulnerability published

  • Vulnerability Reserved

.