Linksys E1500/E2500 Authenticated Command Execution

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote router is affected by an authenticated command execution
vulnerability

Description :

The remote Linksys router is affected by an authenticated command
execution vulnerability. An authenticated remote attacker can use
this vulnerability to execute operating system commands as root.

This vulnerability has been used by the IoT Reaper botnet.

See also :

http://www.s3cur1ty.de/m1adv2013-004
http://www.nessus.org/u?197042fe

Solution :

Upgrade to the latest firmware version.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 8.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: CGI abuses

Nessus Plugin ID: 104129 ()

Bugtraq ID: 57760

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now