CVE-2013-2679

MEDIUM EXPLOITED

Linksys E4200 Firmware 1.0.05 - Cross-Site Scripting via Multiple Parameters


Exploitation Summary

CVE-2013-2679 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 3 public exploits from researchers including Carl Benedict and m-1-k-3.

AI-analyzed exploit summary: This exploit demonstrates a cross-site scripting (XSS) vulnerability in the Cisco Linksys E1200 N300 router. The vulnerability arises from insufficient sanitization of user-supplied input in the 'submit_button' parameter, allowing arbitrary script execution in the context of the affected site.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Carl Benedict · text · remote · hardware
https://www.exploit-db.com/exploits/38501

This exploit demonstrates a cross-site scripting (XSS) vulnerability in the Cisco Linksys E1200 N300 router. The vulnerability arises from insufficient sanitization of user-supplied input in the 'submit_button' parameter, allowing arbitrary script execution in the context of the affected site.

Classification: Working PoC 90%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: Cisco Linksys E1200 N300 running firmware 2.0.04
No auth needed
Prerequisites: Access to the router's web interface
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by m-1-k-3 · text · webapps · hardware
https://www.exploit-db.com/exploits/24202

This exploit demonstrates an OS command injection vulnerability in Linksys WRT54GL v1.1 firmware 4.30.15 via the `wan_hostname` parameter. It also includes details on CSRF and XSS vulnerabilities, with proof-of-concept HTTP requests for exploitation.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Linksys WRT54GL v1.1 (Firmware Version: 4.30.15 build 2)
Auth required
Prerequisites: Authentication to the device · Network access to the router
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
webapps · hardware
https://www.exploit-db.com/exploits/25292

The exploit demonstrates reflected XSS and LFI vulnerabilities in Cisco Linksys E4200 firmware. It includes functional PoC examples for both XSS (via multiple parameters) and LFI (via path traversal in `apply.cgi`).

Classification: Working PoC 90%
Attack Type: XSS | Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Cisco Linksys E4200 Firmware Version 1.0.05 build 7 and prior
No auth needed
Prerequisites: Network access to the vulnerable router
devstral-2 · analyzed Feb 19, 2026

References (5)

Core References
Exploit, Third Party Advisory x_refsource_misc
http://www.cloudscan.me/2013/05/xss-lfi-linksys-e4200-firmware-0d.html
Broken Link x_refsource_misc
http://osvdb.org/93059
Broken Link x_refsource_misc
http://osvdb.org/93060
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/84069

Scores

CVSS v3 6.1
EPSS 0.0061
EPSS Percentile 70.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

VulnCheck KEV: 2018-07-13
CWE: CWE-79
Status: published
Products (1): belkin/linksys_e4200_firmware 1.0.05 build7
Published: Feb 18, 2020
Tracked Since: Feb 18, 2026