CVE-2024-48286

Summary

CVE-2024-48286 is a newly identified vulnerability affecting the Linksys E3000 router running firmware version 1.0.06.002_US. The issue lies in the diag_ping_start function, which is susceptible to command injection attacks. Malicious actors can exploit this vulnerability by sending specially crafted packets to the router, potentially gaining control over its system and executing arbitrary commands. Successful exploitation could lead to unauthorized access, data theft, or even complete system compromise. Users are advised to update their firmware as soon as a patch becomes available to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.