Linksys

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-57536 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via wizard_status.
CVE-2025-22997 1Linksys 1E5600 Firmware Jun 11, 2025 Jan 15, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 A stored cross-site scripting (XSS) vulnerability in the prf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...Show more A stored cross-site scripting (XSS) vulnerability in the prf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.Show less
CVE-2025-22996 1Linksys 1E5600 Firmware Jun 11, 2025 Jan 15, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 A stored cross-site scripting (XSS) vulnerability in the spf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...Show more A stored cross-site scripting (XSS) vulnerability in the spf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.Show less
CVE-2024-57228 1Linksys 1E7350 Firmware Apr 16, 2025 Jan 10, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
CVE-2024-57227 1Linksys 1E7350 Firmware Apr 16, 2025 Jan 10, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
CVE-2024-57226 1Linksys 1E7350 Firmware Apr 16, 2025 Jan 10, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.
CVE-2024-57225 1Linksys 1E7350 Firmware Apr 16, 2025 Jan 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
CVE-2024-57224 1Linksys 1E7350 Firmware Apr 16, 2025 Jan 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
CVE-2024-57223 1Linksys 1E7350 Firmware Apr 16, 2025 Jan 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function.
CVE-2024-57222 1Linksys 1E7350 Firmware Apr 16, 2025 Jan 10, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function.
CVE-2024-48286 1Linksys 1E3000 Firmware Jun 30, 2025 Nov 21, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function.
CVE-2024-8408 1Linksys 1Wrt54g Firmware Sep 5, 2024 Sep 4, 2024 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validate_services_port of the file /apply.cgi of the component POST Parameter Handler. The manipul...Show more A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validate_services_port of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument services_array leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-42633 1Linksys 1E1500 Firmware Aug 20, 2024 Aug 19, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a result, an authenticated attacker can execute OS commands with root privileges.
CVE-2024-40495 1Linksys 1E2500 Firmware Jan 2, 2026 Jul 24, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 A vulnerability was discovered in Linksys Router E2500 with firmware 2.0.00, allows authenticated attackers to execute arbitrary code via the hnd_parentalctrl_unblock function.
CVE-2024-41281 1Linksys 1Wrt54g Firmware Jun 4, 2025 Jul 19, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get_merge_mac function.
CVE-2024-40750 1Linksys 2Mbe7000 Firmware Mx6200 Firmware Jun 30, 2025 Jul 9, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Linksys Velop Pro 6E 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation.
CVE-2024-36821 1Linksys 1Velop Whw0101 Firmware Nov 21, 2024 Jun 11, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root.
CVE-2023-30305 1Linksys 1E5600 Firmware Jun 10, 2025 May 28, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue discovered in Linksys E5600 routers allows attackers to hijack TCP sessions which could lead to a denial of service.
CVE-2023-46012 1Linksys 1Ea7500 Firmware Jun 30, 2025 May 7, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP.
CVE-2024-33788 1Linksys 1E5600 Firmware Jun 11, 2025 May 6, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the PinCode parameter at /API/info form endpoint.

Previous 1...567...12 Next