CVE-2013-2682

MEDIUM

Cisco Linksys E4200 <1.0.05 Build 7 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-2682.

AI-analyzed exploit summary The provided exploit code demonstrates a Local File Inclusion (LFI) and Reflected Cross-Site Scripting (XSS) vulnerability in Cisco Linksys E4200 firmware. It includes specific HTTP POST requests to exploit these vulnerabilities, targeting parameters like 'log_type' and 'ping_ip' for XSS, and path traversal for LFI.

Description

Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information.

Exploits (1)

exploitdb WORKING POC

webappshardware

https://www.exploit-db.com/exploits/25292

View Code ZIP pw:eip

The provided exploit code demonstrates a Local File Inclusion (LFI) and Reflected Cross-Site Scripting (XSS) vulnerability in Cisco Linksys E4200 firmware. It includes specific HTTP POST requests to exploit these vulnerabilities, targeting parameters like 'log_type' and 'ping_ip' for XSS, and path traversal for LFI.

Classification

Working Poc 90%

Attack Type

Xss | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Cisco Linksys E4200 Firmware Version 1.0.05 build 7 and prior

No auth needed

Prerequisites: Network access to the vulnerable device

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059.007 - JavaScript

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/59717

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html

VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/84071

Scores

CVSS v3 4.3

EPSS 0.0619

EPSS Percentile 92.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Details

CWE

CWE-1021

Status published

Products (1)

cisco/linksys_e4200_firmware 1.0.05

Published Feb 05, 2020

Tracked Since Feb 18, 2026