CVE-2020-35714

Severity CVSS v4.0:
Pending analysis
Type:
CWE-78 OS Command Injections
Publication date:
26/12/2020
Last modified:
21/07/2021

Description

Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linksys:re6500_firmware:*:*:*:*:*:*:*:* 1.0.011.001 (excluding)
cpe:2.3:h:linksys:re6500:-:*:*:*:*:*:*:*