Vendor CVEs
Linksys
All CVEs
234 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-9253 | 0.00 | — | 0.01 | Aug 20, 2025 | A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RP_doSpecifySiteSurvey of the file /goform/RP_doSpecifySiteSurvey. The… | |||
| CVE-2025-9252 | 0.00 | — | 0.01 | Aug 20, 2025 | A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function DisablePasswordAlertRedirect of the file /goform/DisablePasswordAlertRedirect.… | |||
| CVE-2025-9251 | 0.00 | — | 0.01 | Aug 20, 2025 | A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function sta_wps_pin of the file /goform/sta_wps_pin. Performing manipulation of the argument Ssid results in… | |||
| CVE-2025-9250 | 0.00 | — | 0.01 | Aug 20, 2025 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function setPWDbyBBS of the file /goform/setPWDbyBBS. Such manipulation of the argument hint leads to stack-based… | |||
| CVE-2025-9249 | 0.00 | — | 0.01 | Aug 20, 2025 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function DHCPReserveAddGroup of the file /goform/DHCPReserveAddGroup. This manipulation of the argument… | |||
| CVE-2025-9248 | 0.00 | — | 0.01 | Aug 20, 2025 | A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument… | |||
| CVE-2025-9247 | 0.00 | — | 0.01 | Aug 20, 2025 | A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function setVlan of the file /goform/setVlan. The manipulation of the argument vlan_set leads to… | |||
| CVE-2025-9246 | 0.00 | — | 0.01 | Aug 20, 2025 | A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function check_port_conflict of the file /goform/check_port_conflict. Executing manipulation of the argument… | |||
| CVE-2025-9245 | 0.00 | — | 0.01 | Aug 20, 2025 | A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function WPSSTAPINEnr of the file /goform/WPSSTAPINEnr. Performing manipulation of the argument ssid results… | |||
| CVE-2025-9146 | 0.00 | — | 0.00 | Aug 19, 2025 | A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack… | |||
| CVE-2025-8833 | 0.00 | — | 0.01 | Aug 11, 2025 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function langSwitchBack of the file /goform/langSwitchBack. The manipulation of the argument langSelectionOnly leads to stack-based buffer overflow.… | |||
| CVE-2025-8832 | 0.00 | — | 0.01 | Aug 11, 2025 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function setDMZ of the file /goform/setDMZ. The manipulation of the argument DMZIPAddress leads to stack-based buffer overflow. The attack… | |||
| CVE-2025-8831 | 0.00 | — | 0.01 | Aug 11, 2025 | A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function remoteManagement of the file /goform/remoteManagement. The manipulation of the argument portNumber leads to stack-based buffer overflow. It is… | |||
| CVE-2025-8826 | 0.00 | — | 0.01 | Aug 11, 2025 | A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function um_rp_autochannel of the file /goform/RP_setBasicAuto. The manipulation of the argument apcli_AuthMode_2G/apcli_AuthMode_5G leads… | |||
| CVE-2025-8824 | 0.00 | — | 0.01 | Aug 11, 2025 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setRIP of the file /goform/setRIP. The manipulation of the argument RIPmode/RIPpasswd leads to stack-based buffer overflow. The… | |||
| CVE-2025-8822 | 0.00 | — | 0.01 | Aug 11, 2025 | A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function algDisable of the file /goform/setOpMode. The manipulation of the argument opMode leads to stack-based buffer overflow. It is possible to launch… | |||
| CVE-2025-8820 | 0.00 | — | 0.01 | Aug 10, 2025 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function wirelessBasic of the file /goform/wirelessBasic. The manipulation of the argument submit_SSID1 leads to stack-based buffer… | |||
| CVE-2025-8819 | 0.00 | — | 0.01 | Aug 10, 2025 | A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function setWan of the file /goform/setWan. The manipulation of the argument staticIp leads to stack-based buffer overflow. It is possible to initiate the… | |||
| CVE-2025-8817 | 0.00 | — | 0.01 | Aug 10, 2025 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setLan of the file /goform/setLan. The manipulation of the argument lan2enabled leads to stack-based buffer overflow. The… | |||
| CVE-2025-8816 | 0.00 | — | 0.01 | Aug 10, 2025 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the argument ethConv leads to stack-based buffer overflow. It is possible to launch… | |||
| CVE-2025-44657 | 0.00 | — | 0.00 | Jul 21, 2025 | In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks. | |||
| CVE-2025-44654 | 0.00 | — | 0.01 | Jul 21, 2025 | In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks. | |||
| CVE-2025-5440 | 0.00 | — | 0.08 | Jun 2, 2025 | A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument… | |||
| CVE-2025-5439 | 0.00 | — | 0.08 | Jun 2, 2025 | A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical. Affected by this issue is the function verifyFacebookLike of the file /goform/verifyFacebookLike. The… | |||
| CVE-2025-5000 | 0.00 | — | 0.09 | May 20, 2025 | A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function control_panel_sw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument… | |||
| CVE-2025-4999 | 0.00 | — | 0.11 | May 20, 2025 | A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub_4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument… | |||
| CVE-2025-29230 | 0.00 | — | 0.01 | Mar 21, 2025 | Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can be triggered via the `pt["email"]` parameter. | |||
| CVE-2025-29227 | 0.00 | — | 0.01 | Mar 21, 2025 | In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter. | |||
| CVE-2025-29226 | 0.00 | — | 0.01 | Mar 21, 2025 | In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["count"] parameter. | |||
| CVE-2025-29223 | 0.00 | — | 0.01 | Mar 21, 2025 | Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function. | |||
| CVE-2025-25522 | 0.00 | — | 0.00 | Feb 11, 2025 | Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability. | |||
| CVE-2024-57538 | 0.00 | — | 0.01 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification. | |||
| CVE-2024-57537 | 0.00 | — | 0.00 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification. | |||
| CVE-2024-57544 | 0.00 | — | 0.00 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification. | |||
| CVE-2024-57545 | 0.00 | — | 0.00 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification. | |||
| CVE-2024-57543 | 0.00 | — | 0.00 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification. | |||
| CVE-2024-57540 | 0.00 | — | 0.01 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification. | |||
| CVE-2024-57536 | 0.00 | — | 0.01 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status. | |||
| CVE-2024-57541 | 0.00 | — | 0.00 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification. | |||
| CVE-2024-57542 | 0.00 | — | 0.02 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via the field id_email_check_btn. | |||
| CVE-2024-57539 | 0.00 | — | 0.01 | Jan 21, 2025 | Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via userEmail. | |||
| CVE-2025-22997 | 0.00 | — | 0.00 | Jan 14, 2025 | A stored cross-site scripting (XSS) vulnerability in the prf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter. | |||
| CVE-2025-22996 | 0.00 | — | 0.00 | Jan 14, 2025 | A stored cross-site scripting (XSS) vulnerability in the spf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter. | |||
| CVE-2024-57228 | 0.00 | — | 0.01 | Jan 10, 2025 | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function. | |||
| CVE-2024-57223 | 0.00 | — | 0.02 | Jan 10, 2025 | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. | |||
| CVE-2024-57225 | 0.00 | — | 0.02 | Jan 10, 2025 | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. | |||
| CVE-2024-57226 | 0.00 | — | 0.01 | Jan 10, 2025 | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. | |||
| CVE-2024-57227 | 0.00 | — | 0.01 | Jan 10, 2025 | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function. | |||
| CVE-2024-57224 | 0.00 | — | 0.02 | Jan 10, 2025 | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. | |||
| CVE-2024-57222 | 0.00 | — | 0.01 | Jan 10, 2025 | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. |
- CVE-2025-9253Aug 20, 2025risk 0.00cvss —epss 0.01
A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RP_doSpecifySiteSurvey of the file /goform/RP_doSpecifySiteSurvey. The…
- CVE-2025-9252Aug 20, 2025risk 0.00cvss —epss 0.01
A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function DisablePasswordAlertRedirect of the file /goform/DisablePasswordAlertRedirect.…
- CVE-2025-9251Aug 20, 2025risk 0.00cvss —epss 0.01
A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function sta_wps_pin of the file /goform/sta_wps_pin. Performing manipulation of the argument Ssid results in…
- CVE-2025-9250Aug 20, 2025risk 0.00cvss —epss 0.01
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function setPWDbyBBS of the file /goform/setPWDbyBBS. Such manipulation of the argument hint leads to stack-based…
- CVE-2025-9249Aug 20, 2025risk 0.00cvss —epss 0.01
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function DHCPReserveAddGroup of the file /goform/DHCPReserveAddGroup. This manipulation of the argument…
- CVE-2025-9248Aug 20, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument…
- CVE-2025-9247Aug 20, 2025risk 0.00cvss —epss 0.01
A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function setVlan of the file /goform/setVlan. The manipulation of the argument vlan_set leads to…
- CVE-2025-9246Aug 20, 2025risk 0.00cvss —epss 0.01
A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function check_port_conflict of the file /goform/check_port_conflict. Executing manipulation of the argument…
- CVE-2025-9245Aug 20, 2025risk 0.00cvss —epss 0.01
A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function WPSSTAPINEnr of the file /goform/WPSSTAPINEnr. Performing manipulation of the argument ssid results…
- CVE-2025-9146Aug 19, 2025risk 0.00cvss —epss 0.00
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack…
- CVE-2025-8833Aug 11, 2025risk 0.00cvss —epss 0.01
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function langSwitchBack of the file /goform/langSwitchBack. The manipulation of the argument langSelectionOnly leads to stack-based buffer overflow.…
- CVE-2025-8832Aug 11, 2025risk 0.00cvss —epss 0.01
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function setDMZ of the file /goform/setDMZ. The manipulation of the argument DMZIPAddress leads to stack-based buffer overflow. The attack…
- CVE-2025-8831Aug 11, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function remoteManagement of the file /goform/remoteManagement. The manipulation of the argument portNumber leads to stack-based buffer overflow. It is…
- CVE-2025-8826Aug 11, 2025risk 0.00cvss —epss 0.01
A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function um_rp_autochannel of the file /goform/RP_setBasicAuto. The manipulation of the argument apcli_AuthMode_2G/apcli_AuthMode_5G leads…
- CVE-2025-8824Aug 11, 2025risk 0.00cvss —epss 0.01
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setRIP of the file /goform/setRIP. The manipulation of the argument RIPmode/RIPpasswd leads to stack-based buffer overflow. The…
- CVE-2025-8822Aug 11, 2025risk 0.00cvss —epss 0.01
A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function algDisable of the file /goform/setOpMode. The manipulation of the argument opMode leads to stack-based buffer overflow. It is possible to launch…
- CVE-2025-8820Aug 10, 2025risk 0.00cvss —epss 0.01
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function wirelessBasic of the file /goform/wirelessBasic. The manipulation of the argument submit_SSID1 leads to stack-based buffer…
- CVE-2025-8819Aug 10, 2025risk 0.00cvss —epss 0.01
A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function setWan of the file /goform/setWan. The manipulation of the argument staticIp leads to stack-based buffer overflow. It is possible to initiate the…
- CVE-2025-8817Aug 10, 2025risk 0.00cvss —epss 0.01
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setLan of the file /goform/setLan. The manipulation of the argument lan2enabled leads to stack-based buffer overflow. The…
- CVE-2025-8816Aug 10, 2025risk 0.00cvss —epss 0.01
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the argument ethConv leads to stack-based buffer overflow. It is possible to launch…
- CVE-2025-44657Jul 21, 2025risk 0.00cvss —epss 0.00
In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.
- CVE-2025-44654Jul 21, 2025risk 0.00cvss —epss 0.01
In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.
- CVE-2025-5440Jun 2, 2025risk 0.00cvss —epss 0.08
A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument…
- CVE-2025-5439Jun 2, 2025risk 0.00cvss —epss 0.08
A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical. Affected by this issue is the function verifyFacebookLike of the file /goform/verifyFacebookLike. The…
- CVE-2025-5000May 20, 2025risk 0.00cvss —epss 0.09
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function control_panel_sw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument…
- CVE-2025-4999May 20, 2025risk 0.00cvss —epss 0.11
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub_4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument…
- CVE-2025-29230Mar 21, 2025risk 0.00cvss —epss 0.01
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can be triggered via the `pt["email"]` parameter.
- CVE-2025-29227Mar 21, 2025risk 0.00cvss —epss 0.01
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter.
- CVE-2025-29226Mar 21, 2025risk 0.00cvss —epss 0.01
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["count"] parameter.
- CVE-2025-29223Mar 21, 2025risk 0.00cvss —epss 0.01
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function.
- CVE-2025-25522Feb 11, 2025risk 0.00cvss —epss 0.00
Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability.
- CVE-2024-57538Jan 21, 2025risk 0.00cvss —epss 0.01
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification.
- CVE-2024-57537Jan 21, 2025risk 0.00cvss —epss 0.00
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification.
- CVE-2024-57544Jan 21, 2025risk 0.00cvss —epss 0.00
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.
- CVE-2024-57545Jan 21, 2025risk 0.00cvss —epss 0.00
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification.
- CVE-2024-57543Jan 21, 2025risk 0.00cvss —epss 0.00
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification.
- CVE-2024-57540Jan 21, 2025risk 0.00cvss —epss 0.01
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification.
- CVE-2024-57536Jan 21, 2025risk 0.00cvss —epss 0.01
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status.
- CVE-2024-57541Jan 21, 2025risk 0.00cvss —epss 0.00
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification.
- CVE-2024-57542Jan 21, 2025risk 0.00cvss —epss 0.02
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via the field id_email_check_btn.
- CVE-2024-57539Jan 21, 2025risk 0.00cvss —epss 0.01
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via userEmail.
- CVE-2025-22997Jan 14, 2025risk 0.00cvss —epss 0.00
A stored cross-site scripting (XSS) vulnerability in the prf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.
- CVE-2025-22996Jan 14, 2025risk 0.00cvss —epss 0.00
A stored cross-site scripting (XSS) vulnerability in the spf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.
- CVE-2024-57228Jan 10, 2025risk 0.00cvss —epss 0.01
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
- CVE-2024-57223Jan 10, 2025risk 0.00cvss —epss 0.02
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
- CVE-2024-57225Jan 10, 2025risk 0.00cvss —epss 0.02
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
- CVE-2024-57226Jan 10, 2025risk 0.00cvss —epss 0.01
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.
- CVE-2024-57227Jan 10, 2025risk 0.00cvss —epss 0.01
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
- CVE-2024-57224Jan 10, 2025risk 0.00cvss —epss 0.02
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
- CVE-2024-57222Jan 10, 2025risk 0.00cvss —epss 0.01
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
Page 3 of 5