Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentMitreVULNRICHMENT:CVE-2021-25310
HistoryFeb 02, 2021 - 2:01 p.m.

CVE-2021-25310

2021-02-0214:01:08
mitre
github.com
3
remote execution
belkin linksys wrt160nl
authentication
command injection
vulnerability

AI Score

7.3

Confidence

Low

EPSS

0.005

Percentile

76.3%

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

JSON

The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This occurs in do_upgrade_post in mini_httpd. NOTE: This vulnerability only affects products that are no longer supported by the maintaine

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:h:belkin:linksys_wrt_160nl:-:*:*:*:*:*:*:*"
    ],
    "vendor": "belkin",
    "product": "linksys_wrt_160nl",
    "versions": [
      {
        "status": "affected",
        "version": "-"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Related

nvd 1
cve 1
prion 1
checkpoint_advisories 1
cvelist 1
nvd
nvd
CVE-2021-25310
2021-02-02 15:15:16
cve
cve
CVE-2021-25310
2021-02-02 15:15:16
prion
prion
Design/Logic Flaw
2021-02-02 15:15:00
checkpoint_advisories
checkpoint_advisories
Belkin Linksys WRT160NL Command Injection (CVE-2021-25310)
2021-02-18 00:00:00
cvelist
cvelist
CVE-2021-25310
2021-02-02 14:01:08

AI Score

7.3

Confidence

Low

EPSS

0.005

Percentile

76.3%

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

JSON
Related for VULNRICHMENT:CVE-2021-25310
nvd1cve1prion1checkpoint_advisories1cvelist1