ГлавнаяУязвимости → CVE-2024-25852
8.8высокая

CVE-2024-25852

Описание

Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights.

Затрагиваемое ПО
Linksys Re7000 firmwareLinksys Re7000
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.mdhttps://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bdhttps://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.mdhttps://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd