Incorrect Permission Assignment for Critical Resource

CVE-2024-36821

Medium

6.8/10

Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root.

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.