Fixed date as per Linksys contact: 7/4/16
Linksys E2500 hardware version 3.0 and firmware version 3.0.01.010 suffer from missing authorization control on parental control page. This allows an attacker to change the parental controls set up by parents to keep kids safe from visiting adult sites and probably compromise a kid’s device.
Initial disclosure date: 04/12/16
Linksys contact: Benjamin Samuels, Calvin Clark (email@example.com)