PT-2024-21165 · Linksys · Linksys Re7000

Published: 2024-03-28 · Updated: 2024-08-14 · CVE-2024-25852

CVSS v3.1: 8.8 (High)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linksys RE7000 versions 2.0.9 through 2.0.15

Description

The issue concerns a command execution vulnerability in the AccessControlList parameter of the access control function point. This vulnerability can be exploited by an attacker to obtain device administrator rights.

Recommendations

For versions 2.0.9 through 2.0.15, consider restricting access to the AccessControlList parameter in the access control function point until a patch is available. As a temporary workaround, avoid using the AccessControlList parameter in the affected access control function point to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2025-15401
CVE-2024-25852

Affected Products

Linksys Re7000