Linksys E-Series Routers Multiple Vulnerabilities

Last Update Date: 25 Feb 2014 09:32 Release Date: 25 Feb 2014 3196 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities have been identified in multiple Linksys E-Series routers, which can be exploited by malicious people to bypass certain security restrictions.

  1. The device does not properly restrict access to tmUnblock.cgi and hndUnblock.cgi, which can be exploited to inject and execute arbitrary shell commands.
    Note: Reportedly, this vulnerability is currently actively exploited in the wild.
  2. The device does not properly restrict access to the access console, which can be exploited to gain access to otherwise restricted functionality via TCP port 8083.

Note: Vendor patch is currently unavailable.

Impact

  • Security Restriction Bypass

System / Technologies affected

  • Linksys E4200
  • Linksys EA2700
  • Linksys EA3500
  • Linksys EA4500

Solutions

  • Note: Vendor patch is currently unavailable.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Kloxo SQL Injection Vulnerability

24 Feb 2014 3512 Views

Next

Google Chrome Multiple Vulnerabilities

24 Feb 2014 3127 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY