CVE-2010-2261

Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi.
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:linksys:wap54gv3:*:*:*:*:*:*:*:*
cpe:2.3:h:linksys:wap54gv3:3.05.03:*:*:*:*:*:*:*

History

21 Nov 2024, 01:16

Type Values Removed Values Added
References () http://www.securityfocus.com/archive/1/511733/100/0/threaded - () http://www.securityfocus.com/archive/1/511733/100/0/threaded -

Information

Published : 2010-06-10 00:30

Updated : 2024-11-21 01:16


NVD link : CVE-2010-2261

Mitre link : CVE-2010-2261

CVE.ORG link : CVE-2010-2261


JSON object : View

Products Affected

linksys

  • wap54gv3
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')