cbcvebase.
CVE-2024-27497
published 2024-03-01

CVE-2024-27497: Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file.

PriorityP184high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
26.46%
97.8th percentile
Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file.

Affected

1 ranges
VendorProductVersion rangeFixed in
linksyse2000_firmware

Detection & IOCsextracted from sources · hover to see the quote

path/position.js
  • Send an unauthenticated HTTP GET request to /position.js on the target device. A vulnerable Linksys E2000 will return HTTP 200 with a response body containing all three strings: 'var session_key', 'close_session', and 'HELPPATH', confirming authentication bypass.
  • Use Shodan query 'product:"Linksys E2000 WAP http config"' or FOFA query 'app="LINKSYS-E2000"' to identify exposed Linksys E2000 devices on the internet.
  • ·Vulnerability is specific to Linksys E2000 firmware version 1.0.06 build 1 only.

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.