CVE-2013-10058

HIGH

Linksys router <v2.0.03 - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2013-10058. PoCs published by Metasploit, m-1-k-3, including Metasploit module exploits/linux/http/linksys_wrt160nv2_apply_exec.

AI-analyzed exploit summary This Metasploit module exploits an authenticated OS command injection vulnerability in Linksys WRT160nv2 routers via the apply.cgi endpoint. It uses TFTP to stage and execute a MIPS payload, demonstrating full remote code execution.

Description

An authenticated OS command injection vulnerability exists in various Linksys router models (tested on WRT160Nv2) running firmware version v2.0.03 via the apply.cgi endpoint. The web interface fails to properly sanitize user-supplied input passed to the ping_size parameter during diagnostic operations. An attacker with valid credentials can inject arbitrary shell commands, enabling remote code execution.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotehardware
https://www.exploit-db.com/exploits/25608

This Metasploit module exploits an authenticated OS command injection vulnerability in Linksys WRT160nv2 routers via the apply.cgi endpoint. It uses TFTP to stage and execute a MIPS payload, demonstrating full remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Linksys WRT160nv2 firmware v2.0.03
Auth required
Prerequisites: Network access to the router's web interface · Valid credentials (default: admin/admin or admin/password)
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC
by m-1-k-3 · textwebappshardware
https://www.exploit-db.com/exploits/24478

This exploit demonstrates an OS command injection vulnerability in Linksys WRT160Nv2 firmware v2.0.03 via the `ping_size` parameter in `apply.cgi`, allowing arbitrary command execution. It also includes details on directory traversal, XSS, and CSRF vulnerabilities.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Linksys WRT160Nv2 firmware v2.0.03
Auth required
Prerequisites: Authentication to the device · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
rubypocunix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb

This Metasploit module exploits an authenticated OS command injection vulnerability in Linksys WRT160nv2 routers via the apply.cgi endpoint. It leverages default credentials (admin/admin or admin/password) to execute arbitrary commands, including staging and executing a MIPS payload via TFTP.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Linksys WRT160nv2 firmware v2.0.03
Auth required
Prerequisites: Network access to the router's web interface · Valid credentials (default or known) · TFTP server reachable by the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v4 8.6
EPSS 0.0310
EPSS Percentile 86.0%
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-78
Status published
Products (1)
Linksys/WRT160nv2 2.0.03
Published Aug 01, 2025
Tracked Since Feb 18, 2026