Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/06/26 3:12 a.m.3 views

CVE-2025-34037

An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcpip parameter without sanitization, allowing...

10CVSS6.5AI score0.89265EPSS
Exploits1References1
NVD
NVDadded 2025/06/24 1:15 a.m.6 views

CVE-2025-34037

An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcpip parameter without sanitization, allowing...

10CVSS0.89265EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/06/24 1:3 a.m.4 views

CVE-2025-34037 Linksys Routers E/WAG/WAP/WES/WET/WRT-Series

An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcpip parameter without sanitization, allowing...

10CVSS6.5AI score0.89265EPSS
Exploits1References3
CVE
CVEadded 2025/06/24 1:3 a.m.27 views

CVE-2025-34037

CVE-2025-34037 is an OS command injection in Linksys E-Series routers, exploitable via unauthenticated HTTP POSTs to /tmUnblock.cgi or /hndUnblock.cgi on port 8080. The issue stems from improper sanitization of the ttcp_ip parameter, enabling shell command injection and arbitrary code execution. ...

10CVSS6.5AI score0.89265EPSS
In wildExploits1References3
VulnCheck KEV
VulnCheck KEVadded 2025/06/23 12:0 a.m.1 views

VulnCheck KEV: CVE-2025-34037

An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcpip parameter without sanitization, allowing...

10CVSS6.4AI score0.89265EPSS
In wildExploits1References50
0day.today
0day.todayadded 2014/04/05 12:0 a.m.33 views

Linksys E-Series TheMoon Remote Command Injection Exploit

Some Linksys E-Series Routers are vulnerable to an unauthenticated OS command injection. This vulnerability was used from the so called "TheMoon" worm. There are many Linksys systems that might be vulnerable including E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900. Th...

7.7AI score
Exploits0
seebug.org
seebug.orgadded 2014/02/18 12:0 a.m.66 views

Linksys系列未明远程代码执行漏洞

No description provided by source. !/usr/bin/php ?php / Exploit for 0day linksys unauthenticated remote code execution vulnerability. As exploited by TheMoon worm; Discovered in the wild on Feb 13, 2013 by Johannes Ullrich. I was hoping this would stay under-wraps until a firmware patch could be...

7.1AI score
Exploits0
exploitpack
exploitpackadded 2014/02/16 12:0 a.m.16 views

Linksys E-series - Remote Code Execution

Linksys E-series - Remote Code Execution !/usr/bin/php ?php / Exploit for 0day linksys unauthenticated remote code execution vulnerability. As exploited by TheMoon worm; Discovered in the wild on Feb 13, 2013 by Johannes Ullrich. I was hoping this would stay under-wraps until a firmware patch cou...

Exploits0
Rows per page
Query Builder