Lucene search
ZdiCVELIST:CVE-2017-17411HistoryDec 21, 2017 - 2:00 p.m.
CVE-2017-17411
2017-12-2114:00:00
CWE-78
zdi
www.cve.org
0.974 High
EPSS
Percentile
99.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.
CNA Affected
[
{
"product": "Linksys WVBR0",
"vendor": "Linksys",
"versions": [
{
"status": "affected",
"version": "WVBR0"
}
]
}
]Related
exploitpack
exploitpack
Linksys WVBR0 - User-Agent Remote Command Injection
2017-12-14 00:00:00
nvd
nvd
CVE-2017-17411
2017-12-21 14:29:00
zdt
zdt
Linksys WVBR0-25 User-Agent Command Execution Exploit
2018-01-04 00:00:00
Linksys WVBR0 - User-Agent Remote Command Injection Exploit
2017-12-19 00:00:00
seebug
seebug
Linksys WVBR0 25 Command Injection(CVE-2017-17411)
2017-12-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Linksys WVBR0-25 Command Injection (CVE-2017-17411)
2018-05-28 00:00:00
prion
prion
Design/Logic Flaw
2017-12-21 14:29:00
packetstorm
packetstorm
Linksys WVBR0-25 User-Agent Command Execution
2018-01-04 00:00:00
zdi
zdi
cve
cve
CVE-2017-17411
2017-12-21 14:29:00
openvas
openvas
Linksys WVBRO25 RCE Vulnerability
2017-12-22 00:00:00
exploitdb
exploitdb
Linksys WVBR0 - 'User-Agent' Remote Command Injection
2017-12-14 00:00:00