|Category:||Web application abuses|
|Title:||Linksys E1500/E2500 Multiple Vulnerabilities|
|Summary:||This host is running Linksys E1500 or E2500 device and is prone to multiple;vulnerabilities.;; This vulnerability was known to be exploited by the IoT Botnet 'Reaper' in 2017.|
This host is running Linksys E1500 or E2500 device and is prone to multiple
This vulnerability was known to be exploited by the IoT Botnet 'Reaper' in 2017.
The vulnerability is caused by missing input validation in the ping_size
parameter and can be exploited to inject and execute arbitrary shell commands.
The attacker can start a telnetd or upload and execute a backdoor to
compromise the device.
Linksys E1500 v1.0.00 build 9, v1.0.04 build 2, v1.0.05 build 1 and
Linksys E2500 v1.0.03, probably all versions up to 2.0.00.
Update the firmware to version 1.0.06 build 1 for the E1500 model.
Update the firmware to version 2.0.00 build 1 for the E2500 model.
|Copyright||Copyright (C) 2017 Greenbone Networks GmbH|
|This is only one of 69903 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.