Filtered by vendor Linksys
Subscriptions
Total
128 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-57536 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 8 High |
| Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status. | ||||
| CVE-2024-57537 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 6.3 Medium |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification. | ||||
| CVE-2024-57538 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 6.5 Medium |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification. | ||||
| CVE-2024-57539 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 8.2 High |
| Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via userEmail. | ||||
| CVE-2024-57540 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 6.5 Medium |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification. | ||||
| CVE-2024-57541 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 5.5 Medium |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification. | ||||
| CVE-2024-57542 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 8.8 High |
| Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via the field id_email_check_btn. | ||||
| CVE-2024-57543 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 5.5 Medium |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification. | ||||
| CVE-2024-57544 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 5.5 Medium |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification. | ||||
| CVE-2024-57545 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | 5.5 Medium |
| Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification. | ||||
| CVE-2017-10677 | 1 Linksys | 2 Ea4500, Ea4500 Firmware | 2025-04-20 | N/A |
| Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP. | ||||
| CVE-2017-17411 | 1 Linksys | 2 Wvbr0, Wvbr0 Firmware | 2025-04-20 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892. | ||||
| CVE-2024-57228 | 1 Linksys | 2 E7350, E7350 Firmware | 2025-04-16 | 8 High |
| Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. | ||||
| CVE-2024-57227 | 1 Linksys | 2 E7350, E7350 Firmware | 2025-04-16 | 8 High |
| Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. | ||||
| CVE-2024-57226 | 1 Linksys | 2 E7350, E7350 Firmware | 2025-04-16 | 8 High |
| Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. | ||||
| CVE-2024-57225 | 1 Linksys | 2 E7350, E7350 Firmware | 2025-04-16 | 9.8 Critical |
| Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. | ||||
| CVE-2024-57224 | 1 Linksys | 2 E7350, E7350 Firmware | 2025-04-16 | 9.8 Critical |
| Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. | ||||
| CVE-2024-57223 | 1 Linksys | 2 E7350, E7350 Firmware | 2025-04-16 | 9.8 Critical |
| Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. | ||||
| CVE-2024-57222 | 1 Linksys | 2 E7350, E7350 Firmware | 2025-04-16 | 6.3 Medium |
| Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. | ||||
| CVE-2013-3065 | 1 Linksys | 2 Ea6500, Ea6500 Firmware | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section. | ||||