E5600
by Linksys
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-29229 | 0.00 | — | 0.00 | Dec 23, 2025 | linksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus. | |||
| CVE-2025-29228 | 0.00 | — | 0.00 | Dec 23, 2025 | Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter. | |||
| CVE-2025-29231 | 0.00 | — | 0.00 | Dec 16, 2025 | A stored cross-site scripting (XSS) vulnerability in the page_save component of Linksys E5600 V1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hostname and domainName parameters. | |||
| CVE-2025-9146 | 0.00 | — | 0.00 | Aug 19, 2025 | A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way. |
- CVE-2025-29229Dec 23, 2025risk 0.00cvss —epss 0.00
linksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus.
- CVE-2025-29228Dec 23, 2025risk 0.00cvss —epss 0.00
Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter.
- CVE-2025-29231Dec 16, 2025risk 0.00cvss —epss 0.00
A stored cross-site scripting (XSS) vulnerability in the page_save component of Linksys E5600 V1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hostname and domainName parameters.
- CVE-2025-9146Aug 19, 2025risk 0.00cvss —epss 0.00
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way.