CVE-2010-2261
EXPLOITEDLinksys WAP54Gv3 < 3.04.03 - Remote Code Execution via Debug Command Page Parameters
Title source: llmExploitation Summary
CVE-2010-2261 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi.
References (1)
Core 1
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511733/100/0/threaded
Scores
EPSS
0.0169
EPSS Percentile
82.5%
Details
VulnCheck KEV
2023-02-08
CWE
CWE-94
Status
published
Products (2)
linksys/wap54gv3
3.05.03
linksys/wap54gv3
< 3.04.03
Published
Jun 10, 2010
Tracked Since
Feb 18, 2026