Lucene search

MitreVULNRICHMENT:CVE-2024-36821

HistoryJun 11, 2024 - 12:00 a.m.

CVE-2024-36821

2024-06-1100:00:00

mitre

github.com

linksys velop wifi

whw01v1

privilege escalation

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

22.3%

SSVC

Exploitation

poc

Automatable

yes

Technical Impact

total

JSON

Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:linksys:whw01v1_firmware:1.1.13.202617:*:*:*:*:*:*:*"
    ],
    "vendor": "linksys",
    "product": "whw01v1_firmware",
    "versions": [
      {
        "status": "affected",
        "version": "1.1.13.202617"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

downloads.linksys.com/support/assets/releasenotes/WHW01_VLP01_1.1.13.202617_Customer_Release_Notes.txt

github.com/IvanGlinkin/CVE-2024-36821