CVE-2020-35713 Scanner
Detects 'Remote Code Execution (RCE)' vulnerability in Belkin LINKSYS RE6500 affects v. before 1.0.012.001.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Domain, Ipv4
Toolbox
-
Belkin LINKSYS RE6500 devices are an integral part of many home or office networks and are used to extend the Wi-Fi range by adding a powerful access point. They are designed to enable users to connect to the internet seamlessly, regardless of the distance between their electronic devices and the router. Moreover, the RE6500 devices offer extended network coverage and high-speed connectivity, enabling users to enjoy streaming and gaming without interruption.
Recently, a critical vulnerability was discovered in the Belkin LINKSYS RE6500 devices, known as CVE-2020-35713. This vulnerability enables remote attackers to execute arbitrary commands or create new passwords using shell metacharacters in the goform/setSysAdm page. Essentially, this flaw enables attackers to gain complete control over the targeted device without the knowledge or permission of the user.
If this vulnerability is exploited, attackers can gain full access to users' personal data, login credentials, and other sensitive information. Additionally, this flaw could lead to a complete network compromise or denial of service attacks from outside the network, leading to disastrous consequences for the targeted system and its users.
It is important that users regularly monitor their devices and employ security measures to secure their networks from cyber-attacks and other threats. Securityforeveryone.com offers pro features that enable users to stay informed about the latest security vulnerabilities and possible threats to their digital assets. By incorporating this tool into their cybersecurity strategy, users can stay one step ahead of attackers and protect their online safety and privacy.
REFERENCES
- https://bugcrowd.com/disclosures/72d7246b-f77f-4f7f-9bd1-fdc35663cc92/linksys-re6500-unauthenticated-rce-working-across-multiple-fw-versions
- https://downloads.linksys.com/support/assets/releasenotes/ExternalReleaseNotes_RE6500_1.0.012.001.txt
- https://resolverblog.blogspot.com/2020/07/linksys-re6500-unauthenticated-rce-full.html
control security posture