CVE-2013-3568

HIGH EXPLOITED

Cisco Linksys WRT110 Firmware - Cross-Site Request Forgery

Title source: llm

Exploitation Summary

CVE-2013-3568 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including Metasploit, Craig Young, joev, juan vazquez, including a Metasploit module exploits/linux/http/linksys_wrt110_cmd_exec.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in the Linksys WRT110 router's ping field. It authenticates with provided credentials and executes arbitrary commands via the `ping.cgi` endpoint.

Description

Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotehardware

https://www.exploit-db.com/exploits/28484

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in the Linksys WRT110 router's ping field. It authenticates with provided credentials and executes arbitrary commands via the `ping.cgi` endpoint.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Linksys WRT110

Auth required

Prerequisites: Valid administrator credentials · Network access to the router's web interface

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Craig Young, joev, juan vazquez · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/linksys_wrt110_cmd_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in Linksys WRT110 routers by injecting commands into the 'pingstr' parameter of the '/ping.cgi' endpoint. It includes authentication handling and a command stager for reliable payload execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Linksys WRT110 router firmware

Auth required

Prerequisites: Valid administrator credentials for the router · Network access to the router's web interface

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/61151

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/28484

VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/85642

Scores

CVSS v3 8.8

EPSS 0.4106

EPSS Percentile 97.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2020-01-08

CWE

CWE-352

Status published

Products (1)

cisco/linksys_wrt110_firmware

Published Feb 06, 2020

Tracked Since Feb 18, 2026