Filtered by vendor Linksys
Subscribe
Total
209 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0888 | 3 Atmel, Linksys, Netgear | 3 Firmware, Wap11, Me102 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Atmel Firmware 1.3 Wireless Access Point (WAP) allows remote attackers to cause a denial of service via a SNMP request with (1) a community string other than "public" or (2) an unknown OID, which causes the WAP to deny subsequent SNMP requests. | |||||
| CVE-2004-0580 | 1 Linksys | 12 Befcmu10, Befn2ps4, Befsr11 and 9 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2002-2137 | 5 Alloy, D-link, Eusso and 2 more | 5 Gl-2422ap-s, Dwl-900ap\+, Gl2422 Ap and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155. | |||||
| CVE-2001-0514 | 3 Atmel, Linksys, Netgear | 3 802.11b Vnet-b Access Point, Wap11, Me102 | 2025-04-03 | 7.5 HIGH | N/A |
| SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | |||||
| CVE-2005-2799 | 1 Linksys | 1 Wrt54g | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. | |||||
| CVE-2003-1497 | 1 Linksys | 1 Befsx41 | 2025-04-03 | 6.3 MEDIUM | N/A |
| Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. | |||||
| CVE-2006-1973 | 1 Linksys | 1 Rt31p2 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages. | |||||
| CVE-2005-4257 | 1 Linksys | 4 Befw11s4, Befw11s4 V3, Befw11s4 V4 and 1 more | 2025-04-03 | 7.8 HIGH | N/A |
| Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. | |||||
| CVE-2005-2912 | 1 Linksys | 1 Wrt54g | 2025-04-03 | 5.0 MEDIUM | N/A |
| Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. | |||||
| CVE-2002-2159 | 1 Linksys | 3 Befsr11, Befsr41, Befsru31 | 2025-04-03 | 10.0 HIGH | N/A |
| Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. | |||||
| CVE-2005-1059 | 1 Linksys | 1 Wet11 | 2025-04-03 | 2.1 LOW | N/A |
| Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original password via the data parameter to changepw.html. | |||||
| CVE-2025-29226 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-04-01 | N/A | 6.3 MEDIUM |
| In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["count"] parameter. | |||||
| CVE-2025-29227 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-04-01 | N/A | 6.3 MEDIUM |
| In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter. | |||||
| CVE-2025-29230 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-04-01 | N/A | 8.6 HIGH |
| Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can be triggered via the `pt["email"]` parameter. | |||||
| CVE-2025-29223 | 1 Linksys | 2 E5600, E5600 Firmware | 2025-04-01 | N/A | 6.3 MEDIUM |
| Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function. | |||||
| CVE-2022-38841 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-02-06 | N/A | 8.8 HIGH |
| Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page. | |||||
| CVE-2023-31742 | 1 Linksys | 2 Wrt54gl, Wrt54gl Firmware | 2025-01-28 | N/A | 7.2 HIGH |
| There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges. | |||||
| CVE-2023-31741 | 1 Linksys | 2 E2000, E2000 Firmware | 2025-01-21 | N/A | 7.2 HIGH |
| There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ssid, wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges. | |||||
| CVE-2023-31740 | 1 Linksys | 2 E2000, E2000 Firmware | 2025-01-21 | N/A | 7.2 HIGH |
| There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters WL_atten_bb, WL_atten_radio, and WL_atten_ctl in the apply.cgi interface, thereby gaining shell privileges. | |||||
| CVE-2024-36821 | 1 Linksys | 2 Velop Whw0101, Velop Whw0101 Firmware | 2024-11-21 | N/A | 6.8 MEDIUM |
| Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root. | |||||