Linksys RE6500 UNAUTHENTICATED RCE working across multiple FW versions.

Disclosed by
  • Program Undisclosed
  • Disclosed date almost 4 years ago
  • Points 40
  • Priority P1 Bugcrowd's VRT priority rating
  • Status Resolved This vulnerability has been accepted and fixed
Summary by customer

The unauthenticated RCE issue for the Linksys RE6500 has been resolved and we urge all customers using this product to update to the latest firmware (available here: Thank you to @RE-Solver for bringing this issue to our attention.

Summary by RE-Solver

I do request for a CVE assignment and public disclosure on my blog with the POC.