VYPR
Unrated severityNVD Advisory· Published Aug 19, 2024· Updated Aug 20, 2024

CVE-2024-42633

CVE-2024-42633

Description

A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.

Affected products

2
  • Linksys/E1500cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = v1.0.06.001

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.