cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-57539,https://securityvulnerability.io/vulnerability/CVE-2024-57539,Command Injection Flaw in Linksys E8450 Router by Linksys,"A command injection vulnerability exists in the Linksys E8450 Router, specifically affecting version 1.2.00.360516. This issue arises from improper handling of user input through the userEmail parameter, potentially allowing attackers to execute arbitrary commands on the device. Exploitation of this vulnerability could compromise the integrity and security of the router, highlighting the importance of applying patches and following security best practices.",Linksys,E8450,8.2,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57540,https://securityvulnerability.io/vulnerability/CVE-2024-57540,Buffer Overflow Vulnerability in Linksys E8450 Router by Linksys,"The Linksys E8450 router, specifically version v1.2.00.360516, contains a vulnerability where a buffer overflow occurs during the parsing of the action field. This vulnerability allows data to be copied to the stack without the necessary length verification, potentially leading to unexpected behavior or exploitation. Users are advised to apply mitigations or updates to safeguard against any exploitation risks.",Linksys,E8450,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57543,https://securityvulnerability.io/vulnerability/CVE-2024-57543,Buffer Overflow Vulnerability in Linksys E8450 Router by Linksys,"The Linksys E8450 router has been identified to have a buffer overflow vulnerability that occurs when the `dhcpstart_ip` field is copied to the stack without proper length verification. This oversight could allow an attacker to exploit the device, potentially leading to unauthorized access or other malicious actions.",Linksys,E8450 Router,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57537,https://securityvulnerability.io/vulnerability/CVE-2024-57537,Buffer Overflow Vulnerability in Linksys E8450 by Linksys,"The Linksys E8450 router versions, specifically v1.2.00.360516, are affected by a buffer overflow vulnerability. This issue occurs when an improperly validated parsed field (page) is copied to the stack, potentially allowing unauthorized access and manipulation. Ensuring appropriate input validation measures can mitigate the risk of exploitation.",Linksys,Linksys E8450,6.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57545,https://securityvulnerability.io/vulnerability/CVE-2024-57545,Buffer Overflow Vulnerability in Linksys E8450 Router by Linksys,"The Linksys E8450 router has a vulnerability that results from insufficient length verification during the parsing of the hidden_dhcp_num field, leading to a buffer overflow. This flaw allows malicious actors to manipulate memory at runtime, posing risks to device stability and network security. Users are advised to apply patches or updates to mitigate potential threats.",Linksys,Linksys E8450,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57542,https://securityvulnerability.io/vulnerability/CVE-2024-57542,Command Injection Vulnerability in Linksys E8450 Network Router,"The Linksys E8450 network router is susceptible to a command injection vulnerability, specifically through the 'id_email_check_btn' field. This flaw could allow an attacker to execute arbitrary commands on the device, potentially compromising the network's integrity and security. Users of affected versions should prioritize applying available patches to mitigate risks associated with this vulnerability.",Linksys,E8450,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57536,https://securityvulnerability.io/vulnerability/CVE-2024-57536,Command Injection Vulnerability in Linksys E8450 Router by Linksys,"The Linksys E8450 router is affected by a command injection vulnerability that can be exploited through the wizard_status component. This flaw may allow an attacker to send unauthorized commands, potentially compromising the router's functionality and the network it serves. It is crucial for users to be aware of this vulnerability to prevent unauthorized access and ensure their router is up to date with the latest security patches.",Linksys,E8450,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57541,https://securityvulnerability.io/vulnerability/CVE-2024-57541,Buffer Overflow Vulnerability in Linksys E8450 by Linksys,"The Linksys E8450 v1.2.00.360516 is susceptible to a buffer overflow vulnerability that occurs when the ipv6_protect_status field is copied to the stack without proper length validation. This oversight can potentially allow an attacker to exploit the vulnerability, leading to unexpected behavior, data corruption, or unauthorized access.",Linksys,E8450,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57544,https://securityvulnerability.io/vulnerability/CVE-2024-57544,Buffer Overflow Vulnerability in Linksys E8450 Router by Linksys,"The Linksys E8450 router is affected by a buffer overflow vulnerability that occurs when the parsed field 'lan_ipaddr' is copied to the stack without proper length verification. This weakness could potentially allow an attacker to exploit the overflow, leading to unauthorized access or manipulation of sensitive data on the device. Users are advised to apply the necessary updates to mitigate this risk.",Linksys,E8450 Router,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2024-57538,https://securityvulnerability.io/vulnerability/CVE-2024-57538,Buffer Overflow Vulnerability in Linksys E8450 Router,"The Linksys E8450 router has been identified to have a buffer overflow vulnerability. This issue occurs when the system improperly handles the 'anonymous_protect_status' field, which is copied to the stack without adequate length verification. This can potentially allow an attacker to execute arbitrary code on the affected device, posing severe risks to network security.",Linksys,E8450,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T00:00:00.000Z,0
CVE-2025-22997,https://securityvulnerability.io/vulnerability/CVE-2025-22997,Stored Cross-Site Scripting in Linksys E5600 Router Component,"A stored cross-site scripting (XSS) vulnerability exists in the prf_table_content component of the Linksys E5600 Router Version 1.1.0.26. This security flaw allows attackers to inject a malicious payload into the 'desc' parameter, enabling them to execute arbitrary web scripts or HTML. If exploited, this vulnerability could lead to unauthorized access or manipulation of sensitive information, emphasizing the need for users to patch their devices promptly.",Linksys,,4.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-15T00:15:00.000Z,0
CVE-2025-22996,https://securityvulnerability.io/vulnerability/CVE-2025-22996,Stored Cross-Site Scripting Vulnerability in Linksys E5600 Router,A stored cross-site scripting (XSS) vulnerability exists in the spf_table_content component of the Linksys E5600 Router (Version 1.1.0.26). This vulnerability allows attackers to execute arbitrary scripts or HTML by injecting crafted payloads into the 'desc' parameter. Such exploitation can lead to unauthorized access and manipulation of sensitive information presented to users through the web interface.,Linksys,,4.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-15T00:15:00.000Z,0
CVE-2024-57226,https://securityvulnerability.io/vulnerability/CVE-2024-57226,Command Injection Vulnerability in Linksys E7350 Router,"The Linksys E7350 router version 1.1.00.032 has a command injection vulnerability in the vif_enable function. This flaw can be exploited via the iface parameter, allowing an attacker to execute arbitrary commands on the affected system. Proper caution should be exercised to address this vulnerability to secure network communications and device integrity.",Linksys,,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-10T18:15:00.000Z,0
CVE-2024-57227,https://securityvulnerability.io/vulnerability/CVE-2024-57227,Command Injection Vulnerability in Linksys E7350 Router,"The Linksys E7350 router version 1.1.00.032 is susceptible to a command injection vulnerability stemming from the ifname parameter in the apcli_do_enr_pbc_wps function. This flaw allows an attacker to execute arbitrary commands on the device, which could lead to unauthorized access and control over the network settings. Proper security measures and updates are essential to mitigate risks associated with this vulnerability.",Linksys,,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-10T18:15:00.000Z,0
CVE-2024-57222,https://securityvulnerability.io/vulnerability/CVE-2024-57222,Command Injection Vulnerability in Linksys E7350 Router,"The Linksys E7350 router version 1.1.00.032 has a security flaw that allows attackers to execute arbitrary commands on the affected system. This vulnerability occurs through improper validation of the ifname parameter used in the apcli_cancel_wps function, presenting a significant risk to network integrity. Successful exploitation could lead to unauthorized access and manipulation of the router's functionalities, which may compromise user data and system performance.",Linksys,,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-10T18:15:00.000Z,0
CVE-2024-57224,https://securityvulnerability.io/vulnerability/CVE-2024-57224,Command Injection Vulnerability in Linksys E7350 Router,"The Linksys E7350 router, specifically in version 1.1.00.032, is susceptible to a command injection vulnerability. This flaw occurs through the 'ifname' parameter in the 'apcli_do_enr_pin_wps' function, potentially allowing an attacker to execute arbitrary commands on the affected device. This vulnerability may lead to unauthorized access and compromise of the router's integrity, impacting both the device and connected networks significantly.",Linksys,,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-10T18:15:00.000Z,0
CVE-2024-57223,https://securityvulnerability.io/vulnerability/CVE-2024-57223,Command Injection Vulnerability in Linksys E7350 by Linksys,"The Linksys E7350 version 1.1.00.032 is susceptible to a command injection vulnerability through the 'ifname' parameter in the 'apcli_wps_gen_pincode' function. This flaw could allow an attacker to execute arbitrary commands on the device, which may compromise the security of the network. It's crucial for users to assess their exposure and apply relevant security measures to safeguard their devices.",Linksys,,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-10T18:15:00.000Z,0
CVE-2024-57228,https://securityvulnerability.io/vulnerability/CVE-2024-57228,Command Injection Vulnerability in Linksys E7350 Router by Linksys,"The Linksys E7350 router version 1.1.00.032 is impacted by a command injection vulnerability that occurs through the iface parameter in the vif_disable function. This vulnerability can potentially allow an attacker to execute arbitrary commands on the affected device, thereby compromising network integrity and user data. Proper configuration and regular updates are essential to mitigate this risk.",Linksys,,8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-10T18:15:00.000Z,0
CVE-2024-57225,https://securityvulnerability.io/vulnerability/CVE-2024-57225,Command Injection Vulnerability in Linksys E7350 Router,"The Linksys E7350 Router, specifically version 1.1.00.032, has a vulnerability that allows for command injection through improper handling of the 'devname' parameter in the 'reset_wifi' function. This oversight could enable an attacker to execute arbitrary commands and potentially compromise the device's security, leading to unauthorized access or control over the network configuration.",Linksys,,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-10T18:15:00.000Z,0
CVE-2024-48286,https://securityvulnerability.io/vulnerability/CVE-2024-48286,Linksys E3000 Vulnerable to Command Injection via diag_ping_start Function,Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function.,Linksys,,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-21T18:15:00.000Z,0
CVE-2024-8408,https://securityvulnerability.io/vulnerability/CVE-2024-8408,Stack-Based Buffer Overflow in Linksys WRT54G,"A significant vulnerability exists in Linksys WRT54G version 4.21.5, specifically within the validate_services_port function of the apply.cgi component. This flaw allows for stack-based buffer overflow triggered by manipulation of the services_array argument. The vulnerability can be exploited remotely, potentially exposing systems to malicious attacks. Despite early disclosures to the vendor regarding this issue, there has been no response. As public knowledge increases, the risk of exploitation remains a pressing concern for affected users.",Linksys,Wrt54g Firmware,9.8,CRITICAL,0.0023399998899549246,false,,false,false,false,,,false,false,,2024-09-04T14:15:00.000Z,0
CVE-2024-42633,https://securityvulnerability.io/vulnerability/CVE-2024-42633,Command Injection Vulnerability in Linksys E1500 Router,"The Linksys E1500 router is susceptible to a Command Injection vulnerability within the do_upgrade_post function of its httpd binary. This security flaw permits an authenticated attacker to execute arbitrary OS commands with elevated privileges. By exploiting this vulnerability, attackers could potentially gain control over the router's operating system, leading to further exploits or network breaches. It is crucial for users to apply the necessary security patches and follow best practices to mitigate any risks associated with this vulnerability.",Linksys,E1500 Firmware,8.8,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-08-19T16:15:00.000Z,0
CVE-2024-40495,https://securityvulnerability.io/vulnerability/CVE-2024-40495,Arbitrary Code Execution Vulnerability in Linksys E2500 Router,"A security flaw in the Linksys E2500 Router's firmware, specifically version 2.0.00, enables authenticated attackers to exploit the hnd_parentalctrl_unblock function. This vulnerability could potentially allow unauthorized execution of arbitrary code, posing significant risks to the device's security and network integrity. Users are advised to apply available security updates and follow best practices for router security to mitigate potential threats.",Linksys,E2500 Router,,,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-07-24T00:00:00.000Z,0
CVE-2024-41281,https://securityvulnerability.io/vulnerability/CVE-2024-41281,Stack Overflow Vulnerability in Get_Merge_Mac Function Affects Linksys WRT54G v4.21.5,Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get_merge_mac function.,Linksys,,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-19T00:00:00.000Z,0
CVE-2024-40750,https://securityvulnerability.io/vulnerability/CVE-2024-40750,Cleartext Wi-Fi Password Transmission in Linksys Velop Routers,"Linksys Velop Pro 6E and 7 models have a significant flaw that causes Wi-Fi passwords to be transmitted in cleartext during app-based setup. This security lapse allows potential attackers to intercept sensitive information while it traverses the public internet, exposing users to unauthorized access to their Wi-Fi networks.",Linksys,Velop Pro 6E and Velop 7,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-09T20:15:00.000Z,0