CVE-2025-34037P1CRITICALCVSS 10.0ExploitedPoCfixed in 2.1.032025-06-24
CVE-2025-34037 [CRITICAL] CWE-78 CVE-2025-34037: An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /
An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcp_ip parameter without sanitization, allowing unauthenticated attackers to inject shell commands. This vulnera
nvd