Linksys E5600 v1.1.0.26 Command Injection Vulnerability
CVE-2024-33789

9.8CRITICAL

Key Information:

Vendor: Linksys
Status: E5600 Firmware
Vendor: CVE Published:; 3 May 2024

Badges

📰 News Worthy

What is CVE-2024-33789?

A security weakness has been identified in the Linksys E5600 router, which allows for command injection through the 'ipurl' parameter at the /API/info endpoint. This vulnerability could enable an attacker to execute arbitrary commands on the device, potentially compromising network security and exposing sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

News Articles

GBHackers on Security

CVE-2024-33789 CVE-2024-33788

Linksys Router Flaw Let Attackers Perform Command Injection, PoC Released

Linksys routers were discovered with two vulnerabilities which had the CVEs CVE-2024-33788 and CVE-2024-33789. These vulnerabilities were

References

https://github.com/ymkyu/CVE/tree/main/CVE-2024-33789

EPSS Score

9% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

📰
First article discovered by GBHackers on Security
May 6, 2024
Vulnerability published
May 3, 2024

JSON

Linksys

Badges

What is CVE-2024-33789?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

News Articles

Linksys Router Flaw Let Attackers Perform Command Injection, PoC Released

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.