Linksys E5600 v1.1.0.26 Command Injection Vulnerability
CVE-2024-33788

Currently unrated

Key Information:

Vendor: Linksys
Vendor: CVE Published:; 6 May 2024

Badges

📰 News Worthy

What is CVE-2024-33788?

CVE-2024-33788 and CVE-2024-33789 are two command injection vulnerabilities discovered in Linksys routers. These vulnerabilities allow threat actors to execute unauthorized commands on the affected devices, although no exploitation by ransomware groups has been reported. The vulnerabilities are associated with insufficient validation of user inputs in the routers' Wi-Fi configuration settings and diagnostics menu. Users are advised to upgrade to the latest versions of the software to prevent exploitation by threat actors.

News Articles

GBHackers on Security

CVE-2024-33789 CVE-2024-33788

Linksys Router Flaw Let Attackers Perform Command Injection, PoC Released

Linksys routers were discovered with two vulnerabilities which had the CVEs CVE-2024-33788 and CVE-2024-33789. These vulnerabilities were

References

https://github.com/ymkyu/CVE/tree/main/CVE-2024-33788

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by GBHackers on Security
May 6, 2024
Vulnerability published
May 6, 2024
Vulnerability Reserved
Apr 26, 2024