Arbitrary Code Execution Vulnerability in Linksys E2500 Router
CVE-2024-40495

Currently unrated

Key Information:

Vendor: Linksys
Status: E2500 Router
Vendor: CVE Published:; 24 July 2024

Summary

A security flaw in the Linksys E2500 Router's firmware, specifically version 2.0.00, enables authenticated attackers to exploit the hnd_parentalctrl_unblock function. This vulnerability could potentially allow unauthorized execution of arbitrary code, posing significant risks to the device's security and network integrity. Users are advised to apply available security updates and follow best practices for router security to mitigate potential threats.

References

http://linksys.com

http://e2500.com

https://github.com/iotaMing/IOT-CVE/blob/master/Linksys/C...

Timeline

Vulnerability published
Jul 24, 2024
Vulnerability Reserved
Jul 5, 2024