Details of VAR-202403-0233

ID

VAR-202403-0233

CVE

CVE-2024-27497

TITLE

Linksys of e2000 Access control vulnerabilities in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2024-025570

DESCRIPTION

Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file. Linksys of e2000 Firmware contains an access control vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-27497 // JVNDB: JVNDB-2024-025570

AFFECTED PRODUCTS

vendor:	linksys	model:	e2000	scope:	eq	version:	1.0.06	Trust: 1.0
vendor:	linksys	model:	e2000	scope:	eq	version:	-	Trust: 0.8
vendor:	linksys	model:	e2000	scope:	eq	version:	e2000 firmware 1.0.06	Trust: 0.8
vendor:	linksys	model:	e2000	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2024-025570 // NVD: CVE-2024-27497

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-27497
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2024-025570
value:	HIGH
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-27497
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2024-025570
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-025570 // NVD: CVE-2024-27497

PROBLEMTYPE DATA

problemtype:	CWE-284	Trust: 1.0
problemtype:	Inappropriate access control (CWE-284) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-025570 // NVD: CVE-2024-27497

EXTERNAL IDS

db:	NVD	id:	CVE-2024-27497	Trust: 2.6
db:	JVNDB	id:	JVNDB-2024-025570	Trust: 0.8

sources: JVNDB: JVNDB-2024-025570 // NVD: CVE-2024-27497

REFERENCES

url:	https://warp-desk-89d.notion.site/linksys-e-2000-efcd532d8dcf4710a4af13fca131a5b8	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2024-27497	Trust: 0.8

sources: JVNDB: JVNDB-2024-025570 // NVD: CVE-2024-27497

SOURCES

db:	JVNDB	id:	JVNDB-2024-025570
db:	NVD	id:	CVE-2024-27497

LAST UPDATE DATE

2025-07-05T23:21:33.787000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2024-025570	date:	2025-07-02T00:13:00
db:	NVD	id:	CVE-2024-27497	date:	2025-06-27T14:10:21

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2024-025570	date:	2025-07-02T00:00:00
db:	NVD	id:	CVE-2024-27497	date:	2024-03-01T15:15:08.580