What is CVE-2018-3954?

CVE-2018-3954 is a high-severity vulnerability in Linksys Eseries E1200. CVSS score: 7.2/10. Published 2018-10-17.

How severe is CVE-2018-3954?

High severity. CVSS v3 base score is 7.2 out of 10.

Vulnerability in Linksys Eseries E1200

CVE-2018-3954

Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrie…

EPSS: 0.076 (92.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Linksys Eseries E1200 — versions Firmware Version 2.0.09
Linksys Eseries E2500 — versions Firmware Version 3.0.04

References

talosintelligence.com/vulnerability_reports/TALOS-2018-0625 (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-3954?: CVE-2018-3954 is a high-severity vulnerability in Linksys Eseries E1200. CVSS score: 7.2/10. Published 2018-10-17.
How severe is CVE-2018-3954?: High severity. CVSS v3 base score is 7.2 out of 10.