Linksys E5600 v1.1.0.26 Command Injection Vulnerability

CVE-2024-33788

Currently unrated 🤨

Key Information

Vendor: Linksys
Vendor: CVE Published:; 6 May 2024

Badges

📰 News Worthy

Summary

CVE-2024-33788 and CVE-2024-33789 are two command injection vulnerabilities discovered in Linksys routers. These vulnerabilities allow threat actors to execute unauthorized commands on the affected devices, although no exploitation by ransomware groups has been reported. The vulnerabilities are associated with insufficient validation of user inputs in the routers' Wi-Fi configuration settings and diagnostics menu. Users are advised to upgrade to the latest versions of the software to prevent exploitation by threat actors.

News Articles

GBHackers on Security

CVE-2024-33789 CVE-2024-33788

Linksys Router Flaw Let Attackers Perform Command Injection, PoC Released

Linksys routers were discovered with two vulnerabilities which had the CVEs CVE-2024-33788 and CVE-2024-33789. These vulnerabilities were

8 months ago

References

https://github.com/ymkyu/CVE/tree/main/CVE-2024-33788

Timeline

📰
First article discovered by GBHackers on Security
May 6, 2024
Vulnerability published
May 6, 2024
Vulnerability Reserved
Apr 26, 2024

Collectors

NVD DatabaseMitre Database1 News Article(s)