CVE-2023-31742

HIGH

Linksys WRT54GL 4.30.18.006 - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-31742. Includes Metasploit module auxiliary/admin/http/linksys_wrt54gl_exec.

AI-analyzed exploit summary This Metasploit module exploits a blind OS command injection vulnerability in Linksys WRT54GL routers via the `/apply.cgi` endpoint. It requires authentication and injects commands into the `wan_hostname` parameter, which is then executed on the router.

Description

There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges.

Exploits (1)

metasploit WORKING POC
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb

This Metasploit module exploits a blind OS command injection vulnerability in Linksys WRT54GL routers via the `/apply.cgi` endpoint. It requires authentication and injects commands into the `wan_hostname` parameter, which is then executed on the router.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Linksys WRT54GL (and possibly other models)
Auth required
Prerequisites: Valid credentials for the router's web interface · Network access to the router's management interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.2
EPSS 0.7381
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-77
Status published
Products (1)
linksys/wrt54gl_firmware 4.30.18.006
Published May 22, 2023
Tracked Since Feb 18, 2026