Cisco Blogs

Vulnerability Spotlight: Linksys ESeries Multiple OS Command Injection Vulnerabilities

October 16, 2018 - 0 Comments

These vulnerabilities were discovered by Jared Rittle of Cisco Talos

Today, Talos is disclosing several vulnerabilities that have been identified in Linksys E Series of routers operating system.

Multiple exploitable OS command injection vulnerabilities exist in the Linksys ESeries line of routers. Specially crafted requests to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send an authenticated HTTP request to trigger these vulnerabilities.

Linksys E Series is a product line of routers for small and home offices supporting various features including easy management, security and QoS. It is designed to connect home computers, Internet-ready TVs, game consoles, smartphones, and other Wi-Fi devices at fast transfer rates for an unrivalled experience.


Leave a comment

We'd love to hear from you! Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed and HTML formatting will not appear.