Cyber Posture

CVE-2024-57539

Severity: High
Public PoC: Yes

Published: 21 January 2025
Modified: 22 April 2025
KEV Added: not listed
Patch: none listed
CVSS Score: 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N)
EPSS Score: 0.0554 (90.3rd percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Description

Linksys E8450 firmware v1.2.00.360516 contains a command injection vulnerability via the userEmail parameter, allowing attackers to execute arbitrary commands on the device.

Security Summary

CVE-2024-57539 is a command injection vulnerability (CWE-77) affecting the Linksys E8450 router on firmware version v1.2.00.360516. The issue arises via the userEmail parameter, enabling attackers to inject and execute arbitrary commands on the device.

With a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N), the vulnerability is reachable over the network by an unauthenticated attacker with low attack complexity and no user interaction. The vector rates confidentiality impact as low and integrity impact as high (injected commands can alter system data and device configuration), with no availability impact and unchanged scope, so the rated impact is confined to the router itself. Treat those C:L and A:N ratings as conservative: unauthenticated command execution on an embedded device typically amounts to full compromise of that device, and a router sitting at the network edge is a natural pivot point.
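As an added illustration (not code from this page, from the researcher's write-up, or from Linksys firmware), the C fragment below contrasts the CWE-77 pattern behind this class of bug, an untrusted web parameter spliced into a shell command string, with a hardened equivalent that validates the value and executes without a shell. The command template, the function names and the /bin/echo target are assumptions for the example; the E8450's real handler is not shown on this page, and the sample payloads are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Vulnerable pattern (CWE-77): the request parameter is pasted into a
 * command line that will be handed to system(), so shell metacharacters
 * in the value (; | & $( ) ` newline) become part of the command.
 * The template below is hypothetical. Returns 0 and fills `out` with the
 * string that would reach the shell, or -1 if it does not fit. */
int build_command_vulnerable(const char *user_email, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "/usr/sbin/notify -m %s", user_email);
    return (n >= 0 && (size_t)n < outlen) ? 0 : -1;
}

/* Conservative allowlist for an email address: one '@', non-empty local and
 * domain parts, and only characters that have no meaning to a shell.
 * Returns 1 if the value is acceptable, 0 otherwise. */
int is_safe_email(const char *s)
{
    size_t len = strlen(s);
    if (len == 0 || len > 254)
        return 0;
    const char *at = strchr(s, '@');
    if (at == NULL || at == s || at[1] == '\0' || strchr(at + 1, '@') != NULL)
        return 0;
    for (const char *p = s; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (isalnum(c) || c == '@' || c == '.' || c == '-' || c == '_' || c == '+')
            continue;
        return 0;
    }
    return 1;
}

/* Hardened pattern: reject anything outside the allowlist, then run the
 * helper with execv() so the value travels as a single argv element and is
 * never parsed by a shell. /bin/echo stands in for the hypothetical helper.
 * Returns the child's exit status, or -1 on rejection or failure. */
int run_with_email_hardened(const char *user_email)
{
    if (!is_safe_email(user_email))
        return -1;

    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)"/bin/echo", (char *)"recipient:",
                               (char *)user_email, NULL };
        execv(argv[0], argv);
        _exit(127);                     /* only reached if execv() fails */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed payload: a valid-looking address with an appended command. */
    const char *payload = "user@example.com; id";
    char cmd[256];

    if (build_command_vulnerable(payload, cmd, sizeof cmd) == 0)
        printf("vulnerable handler would run: %s\n", cmd);
    printf("hardened handler result: %d (-1 = rejected)\n",
           run_with_email_hardened(payload));
    printf("hardened handler on a clean address: %d\n",
           run_with_email_hardened("user@example.com"));
    return 0;
}
```

The allowlist is deliberately narrower than RFC 5322; on an embedded web interface a strict character set that can never reach a shell is worth more than accepting every syntactically legal address. Escaping or quoting the value while still calling system() is the weaker fix, because one missed metacharacter (or a newline) reopens the hole.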

The only reference listed for this issue is the researcher's GitHub write-up at https://github.com/Wood1314/Linksys_E8450_vul/blob/main/3/3.md; no vendor advisory or fixed firmware version is recorded on this page. Until a fix is confirmed, keep the E8450 management interface unreachable from the WAN, and check the vendor's firmware downloads for a release newer than v1.2.00.360516.

Details

CWE(s)
CWE-77

Affected Products

linksys
e8450 firmware
1.2.00.360516

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.004 Unix Shell Execution
Adversaries may abuse Unix shell commands and scripts for execution.
Why these techniques?

The command injection vulnerability via the userEmail parameter in the Linksys E8450 router web interface enables exploitation of a public-facing application (T1190) to achieve remote code execution through Unix shell commands (T1059.004).

References

https://github.com/Wood1314/Linksys_E8450_vul/blob/main/3/3.md