Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The vulnerability occurs because user-supplied CGI parameters (wl_ant, wl_ssid, wl_rate, ttcp_num, ttcp_ip, ttcp_size) are concatenated into system command strings without proper sanitization and executed via wl_exec_cmd. Successful exploitation allows remote attackers to execute arbitrary commands on the device without authentication.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linksys E1200 安全漏洞
Vulnerability Description
Linksys E1200是美国Linksys公司的一款路由器。 Linksys E1200 E1200_v2.0.11.001_us.tar.gz版本存在安全漏洞,该漏洞源于httpd二进制文件中存在未经验证的命令注入,可能导致执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A