Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the “AccessControlList” parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights.
[
{
"cpes": [
"cpe:2.3:o:linksys:re7000_firmware:2.0.9:*:*:*:*:*:*:*"
],
"vendor": "linksys",
"product": "re7000_firmware",
"versions": [
{
"status": "affected",
"version": "2.0.9"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linksys:re7000_firmware:2.0.11:*:*:*:*:*:*:*"
],
"vendor": "linksys",
"product": "re7000_firmware",
"versions": [
{
"status": "affected",
"version": "2.0.11"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:linksys:re7000_firmware:2.0.15:*:*:*:*:*:*:*"
],
"vendor": "linksys",
"product": "re7000_firmware",
"versions": [
{
"status": "affected",
"version": "2.0.15"
}
],
"defaultStatus": "unknown"
}
]