What is CVE-2013-10062?

CVE-2013-10062 is a vulnerability in Linksys E1500, classified under Path Traversal. Published 2025-08-01.

Is CVE-2013-10062 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Linksys E1500

CVE-2013-10062

A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05), specifically in the /apply.cgi endpoint. Authenticated attackers can exploit the next_pa…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.616 (98.4th percentile) — read the EPSS interpretation.

Affected products

Linksys E1500 — versions 1.0.05, 1.0.00, 1.0.04

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/… (exploit)
www.exploit-db.com/exploits/24475 (exploit)
web.archive.org/web/20150428184015/http://www.s3cur1ty.de/m1adv2013-004 (technical-description, exploit)
www.vulncheck.com/advisories/linksys-legacy-routers-path-traversal (third-party-advisory)

Frequently asked questions

What is CVE-2013-10062?: CVE-2013-10062 is a vulnerability in Linksys E1500, classified under Path Traversal. Published 2025-08-01.
Is CVE-2013-10062 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.