Vulnerability Spotlight: Linksys ESeries Multiple OS Command Injection Vulnerabilities


October 16, 2018 - 0 Comments

These vulnerabilities were discovered by Jared Rittle of Cisco Talos

Today, Talos is disclosing several vulnerabilities that have been identified in Linksys E Series of routers operating system.

Multiple exploitable OS command injection vulnerabilities exist in the Linksys ESeries line of routers. Specially crafted requests to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send an authenticated HTTP request to trigger these vulnerabilities.

Linksys E Series is a product line of routers for small and home offices supporting various features including easy management, security and QoS. It is designed to connect home computers, Internet-ready TVs, game consoles, smartphones, and other Wi-Fi devices at fast transfer rates for an unrivalled experience.

Read More >>



Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.