cbcvebase.
CVE-2013-10062
published 2025-08-01

CVE-2013-10062: A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05)…

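Priority: P345 | Severity: medium | Score: 6.9 (CVSS 4.0)
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X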
EXPLOIT
EPSS: 1.34% (67.9th percentile)
A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05), specifically in the /apply.cgi endpoint. Authenticated attackers can exploit the next_page POST parameter to access arbitrary files outside the intended web root by injecting traversal sequences. This allows exposure of sensitive system files and configuration data.

Affected

3 ranges
Vendor    Product   Version range   Fixed in
linksys   e1500
linksys   e1500
linksys   e1500

Detection & IOCs (extracted from sources)

path: /apply.cgi
  • Monitor POST requests to /apply.cgi for directory traversal sequences (e.g., ../, ..%2f, %2e%2e%2f) in the 'next_page' POST parameter, which is the exploited parameter in this vulnerability.
  • Target devices are Linksys E1500 routers running firmware versions 1.0.00, 1.0.04, and 1.0.05. Prioritize detection on these specific firmware versions.
  • A Metasploit auxiliary scanner module exists for this vulnerability (modules/auxiliary/scanner/http/linksys_e1500_traversal.rb), meaning exploitation attempts may originate from automated Metasploit-based scanning activity.
  • Exploitation requires prior authentication; unauthenticated attackers cannot directly exploit this vulnerability. Detection logic should account for authenticated sessions when triaging alerts.
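
One way to implement the first monitoring bullet above, as an added example (not code from this page or the vendor). It flags POST requests to /apply.cgi whose next_page value contains a ".." path segment after repeated percent-decoding. The function names, the decode-round limit and the sample request bodies are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3  # assumption: upper bound on nested percent-encoding

# A ".." path segment: delimited by / or \ or by the start/end of the value.
_TRAVERSAL = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")


def _fully_decode(value: str) -> str:
    """Percent-decode until stable so %252e%252e%252f is normalised as well."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def next_page_traversal(method: str, path: str, body: str) -> list[str]:
    """Return the raw next_page values in a form body that contain traversal."""
    if method.upper() != "POST" or path.split("?", 1)[0] != "/apply.cgi":
        return []
    hits = []
    # Split manually (no decoding) so the alert keeps the value as it was sent.
    for pair in body.split("&"):
        name, _, raw = pair.partition("=")
        if unquote(name) != "next_page":
            continue
        if _TRAVERSAL.search(_fully_decode(raw.replace("+", " "))):
            hits.append(raw)
    return hits


# Constructed sample requests (method, path, form body); not captured traffic.
SAMPLES = [
    ("POST", "/apply.cgi", "a=1&next_page=index.asp"),
    ("POST", "/apply.cgi", "a=1&next_page=..%2f..%2fsome%2ffile"),
    ("POST", "/apply.cgi", "a=1&next_page=%252e%252e%252fsome%252ffile"),
    ("GET", "/apply.cgi", "next_page=../some/file"),
]

if __name__ == "__main__":
    for method, path, body in SAMPLES:
        print(method, path, next_page_traversal(method, path, body) or "clean")
```

Because exploitation requires authentication, a hit is best correlated with the session or source address that logged in to the device before the request.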