Command Injection Vulnerability in Linksys E8450 Router by Linksys
CVE-2024-57536

8HIGH

Key Information:

Vendor: Linksys
Status: E8450
Vendor: CVE Published:; 21 January 2025

Summary

The Linksys E8450 router is affected by a command injection vulnerability that can be exploited through the wizard_status component. This flaw may allow an attacker to send unauthorized commands, potentially compromising the router's functionality and the network it serves. It is crucial for users to be aware of this vulnerability to prevent unauthorized access and ensure their router is up to date with the latest security patches.

References

https://github.com/Wood1314/Linksys_E8450_vul/blob/main/8...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 21, 2025
Vulnerability Reserved
Jan 9, 2025