Command Injection Vulnerability in Linksys E7350 Router
CVE-2024-57225
Currently unrated
Summary
The Linksys E7350 Router, specifically version 1.1.00.032, has a vulnerability that allows for command injection through improper handling of the 'devname' parameter in the 'reset_wifi' function. This oversight could enable an attacker to execute arbitrary commands and potentially compromise the device's security, leading to unauthorized access or control over the network configuration.
References
Timeline
Vulnerability published