VYPR
Unrated severityNVD Advisory· Published Feb 24, 2026· Updated Feb 24, 2026

Path Traversal vulnerability in Linksys MR9600, Linksys MX4200

CVE-2026-25603

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Linksys/MX4200llm-create2 versions
    <= 1.0.13.210200+ 1 more
    • (no CPE)range: <= 1.0.13.210200
    • (no CPE)range: 1.0.13.210200
  • Linksys/MR9600llm-fuzzy2 versions
    <= 1.0.4.205530+ 1 more
    • (no CPE)range: <= 1.0.4.205530
    • (no CPE)range: 1.0.4.205530

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.