VYPR

E2500

by Linksys

CVEs (5)

  • CVE-2025-44654CriJul 21, 2025
    risk 0.64cvss 9.8epss 0.01

    In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.

  • CVE-2024-40495HigJul 24, 2024
    risk 0.52cvss 8.0epss 0.01

    A vulnerability was discovered in Linksys Router E2500 with firmware 2.0.00, allows authenticated attackers to execute arbitrary code via the hnd_parentalctrl_unblock function.

  • CVE-2018-3953HigOct 17, 2018
    risk 0.51cvss 7.2epss 0.13

    Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAM. Data entered into the…

  • CVE-2018-3955HigOct 17, 2018
    risk 0.47cvss 7.2epss 0.05

    An exploitable operating system command injection exists in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04). Specially crafted entries to network configuration information can cause execution of arbitrary…

  • CVE-2018-3954HigOct 17, 2018
    risk 0.47cvss 7.2epss 0.03

    Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04) are susceptible to OS command injection vulnerabilities due to improper filtering of data passed to and retrieved from NVRAMData entered into the…