Ea6500 Firmware

ea6500_firmware

Vendor: Linksys • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-4658 1Linksys 1Ea6500 Firmware Nov 21, 2024 Oct 25, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.
CVE-2014-8244 1Linksys 20E4200v2 E4200v2 FirmwareEa2700+17 more May 6, 2026 Nov 1, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and...Show more Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.Show less
CVE-2014-8243 1Linksys 20E4200v2 E4200v2 FirmwareEa2700+17 more May 6, 2026 Nov 1, 2014 N/A· v4 N/A· v3 3.3 LOW· v2 Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and...Show more Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.Show less
CVE-2013-3066 1Linksys 2Ea6500 Ea6500 Firmware May 6, 2026 Sep 29, 2014 N/A· v4 N/A· v3 7.1 HIGH· v2 Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
CVE-2013-3065 1Linksys 2Ea6500 Ea6500 Firmware May 6, 2026 Sep 29, 2014 N/A· v4 N/A· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the...Show more Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section.Show less
CVE-2013-3064 1Linksys 2Ea6500 Ea6500 Firmware May 6, 2026 Sep 29, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target...Show more Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.Show less