← Zuruck zu CVEs
CVE-2024-25852
HIGH8.8
Beschreibung
Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights.
CVE Details
CVSS v3.1 Bewertung8.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht4/11/2024
Zuletzt geandert6/17/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
linksys:re7000linksys:re7000_firmware
Schwachen (CWE)
CWE-284
Referenzen
https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd(cve@mitre.org)
https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md(af854a3a-2127-422b-91ae-364da2661108)
https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.