{"vulnerability": "cve-2023-31741", "sightings": [{"uuid": "e6b92ad2-ee98-4738-872b-d205f18531e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31741", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2451", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31741\n\ud83d\udd39 Description: There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ssid, wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges.\n\ud83d\udccf Published: 2023-05-23T00:00:00\n\ud83d\udccf Modified: 2025-01-21T18:45:01.325Z\n\ud83d\udd17 References:\n1. http://linksys.com\n2. https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31741/Linksys_E2000_RCE_2.pdf", "creation_timestamp": "2025-01-21T19:01:49.000000Z"}, {"uuid": "4061338a-af20-4694-9741-f1d7c0313c40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31741", "type": "seen", "source": "https://t.me/cibsecurity/64591", "content": "\u203c CVE-2023-31741 \u203c\n\nThere is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ssid, wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-23T07:25:08.000000Z"}]}