CVE-2024-25852 (GCVE-0-2024-25852)
Vulnerability from cvelistv5 – Published: 2024-04-11 00:00 – Updated: 2024-08-14 19:45
VLAI?
Summary
Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights.
Severity ?
8.8 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:52:06.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linksys:re7000_firmware:2.0.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "re7000_firmware",
"vendor": "linksys",
"versions": [
{
"status": "affected",
"version": "2.0.9"
}
]
},
{
"cpes": [
"cpe:2.3:o:linksys:re7000_firmware:2.0.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "re7000_firmware",
"vendor": "linksys",
"versions": [
{
"status": "affected",
"version": "2.0.11"
}
]
},
{
"cpes": [
"cpe:2.3:o:linksys:re7000_firmware:2.0.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "re7000_firmware",
"vendor": "linksys",
"versions": [
{
"status": "affected",
"version": "2.0.15"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25852",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T19:40:42.558388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T19:45:30.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the \"AccessControlList\" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-11T20:15:42.928749",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd"
},
{
"url": "https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25852",
"datePublished": "2024-04-11T00:00:00",
"dateReserved": "2024-02-12T00:00:00",
"dateUpdated": "2024-08-14T19:45:30.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the \\\"AccessControlList\\\" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights.\"}, {\"lang\": \"es\", \"value\": \"Linksys RE7000 v2.0.9, v2.0.11 y v2.0.15 tienen una vulnerabilidad de ejecuci\\u00f3n de comandos en el par\\u00e1metro \\\"AccessControlList\\\" del punto de funci\\u00f3n de control de acceso. Un atacante puede utilizar la vulnerabilidad para obtener derechos de administrador del dispositivo.\"}]",
"id": "CVE-2024-25852",
"lastModified": "2024-11-21T09:01:27.317",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
"published": "2024-04-11T21:15:07.980",
"references": "[{\"url\": \"https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-25852\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-04-11T21:15:07.980\",\"lastModified\":\"2025-06-17T20:50:31.347\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the \\\"AccessControlList\\\" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights.\"},{\"lang\":\"es\",\"value\":\"Linksys RE7000 v2.0.9, v2.0.11 y v2.0.15 tienen una vulnerabilidad de ejecuci\u00f3n de comandos en el par\u00e1metro \\\"AccessControlList\\\" del punto de funci\u00f3n de control de acceso. Un atacante puede utilizar la vulnerabilidad para obtener derechos de administrador del dispositivo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linksys:re7000_firmware:2.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D458466C-3906-4191-83DD-CE81790B7226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linksys:re7000_firmware:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E1C493F-E2E1-4A8C-9C7F-625102FF452A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linksys:re7000_firmware:2.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F28D5E8-5CFA-4FB2-99C8-63A9BEB8E031\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:linksys:re7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D04E83B6-EE99-42EB-AA37-895B1467CEDA\"}]}]}],\"references\":[{\"url\":\"https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T23:52:06.440Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-25852\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-14T19:40:42.558388Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:linksys:re7000_firmware:2.0.9:*:*:*:*:*:*:*\"], \"vendor\": \"linksys\", \"product\": \"re7000_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.9\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linksys:re7000_firmware:2.0.11:*:*:*:*:*:*:*\"], \"vendor\": \"linksys\", \"product\": \"re7000_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.11\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linksys:re7000_firmware:2.0.15:*:*:*:*:*:*:*\"], \"vendor\": \"linksys\", \"product\": \"re7000_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.15\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284 Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-14T19:41:09.401Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd\"}, {\"url\": \"https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the \\\"AccessControlList\\\" parameter of the access control function point. An attacker can use the vulnerability to obtain device administrator rights.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-04-11T20:15:42.928749\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-25852\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-14T19:45:30.332Z\", \"dateReserved\": \"2024-02-12T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-04-11T00:00:00\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…