Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi ping_ip parameter on TCP port 52000.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Linksys多款产品 操作系统命令注入漏洞
Vulnerability Description
Linksys E1000等都是美国Linksys公司的一款路由器。 Linksys多款产品存在操作系统命令注入漏洞,该漏洞源于TCP端口52000上apply.cgi的ping_ip参数存在shell元字符,可能导致OS命令注入。以下产品和版本受到影响:Linksys E1000 2.1.02及之前版本、E1200 2.0.05之前版本和E3200 1.0.04及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A