CVE-2019-11535
Summary
| CVE | CVE-2019-11535 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-07-17 20:15:00 UTC |
| Updated | 2020-08-24 17:37:00 UTC |
| Description | Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI. |
Risk And Classification
Problem Types: CWE-77
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Linksys | Re6300 | 1 | All | All | All |
| Hardware | Linksys | Re6300 | 1 | All | All | All |
| Operating System | Linksys | Re6300 Firmware | All | All | All | All |
| Hardware | Linksys | Re6400 | 1 | All | All | All |
| Hardware | Linksys | Re6400 | 1 | All | All | All |
| Operating System | Linksys | Re6400 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/Linksys%20R... | CONFIRM | s3.amazonaws.com | Release Notes, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.