Critical Vulnerability Information Vulnerability Description Type: Command Injection Vulnerability Affected Devices: Linksys routers, particularly the R8050 model Firmware Version: 1.0.0.46 CVE ID: CVE-2023-27927 Vulnerability Details Command Injection Point: The call within the function directly executes commands based on user input. Critical Code Snippet: - The function directly executes user input as a command. Exploitation Method PoC Example: Result Successfully obtained a shell, displaying the current user's ID information. Summary This vulnerability allows attackers to execute arbitrary commands on affected Linksys routers by crafting specific HTTP requests, exploiting a command injection flaw, thereby gaining system control.