Command Injection Vulnerability in Linksys E7350 Router

CVE-2024-57222

Summary

The Linksys E7350 router version 1.1.00.032 has a security flaw that allows attackers to execute arbitrary commands on the affected system. This vulnerability occurs through improper validation of the ifname parameter used in the apcli_cancel_wps function, presenting a significant risk to network integrity. Successful exploitation could lead to unauthorized access and manipulation of the router's functionalities, which may compromise user data and system performance.

References