Remote Command Execution Vulnerability in Linksys WiFi Extender Products

Remote Command Execution Vulnerability in Linksys WiFi Extender Products

CVE-2019-11535 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Unsanitized user input in the web interface for Linksys WiFi extender products (RE6400 and RE6300 through 1.2.04.022) allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI.

Learn more about our Web App Pen Testing.