Arbitrary Command Execution in Belkin LINKSYS RE6500 Devices

Arbitrary Command Execution in Belkin LINKSYS RE6500 Devices

CVE-2020-35714 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.

Learn more about our User Device Pen Test.