Linksys

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-4999 1Linksys 2Fgw3000 Ah Firmware Fgw3000 Hk Firmware Jun 12, 2025 May 20, 2025 5.3 MEDIUM· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub_4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST...Show more A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub_4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument supplicant_rnd_id_en leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-45491 1Linksys 1E5600 Firmware May 13, 2025 May 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
CVE-2025-45490 1Linksys 1E5600 Firmware May 13, 2025 May 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter.
CVE-2025-45489 1Linksys 1E5600 Firmware May 13, 2025 May 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter.
CVE-2025-45488 1Linksys 1E5600 Firmware May 13, 2025 May 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter.
CVE-2025-45487 1Linksys 1E5600 Firmware May 13, 2025 May 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function.
CVE-2025-29230 1Linksys 1E5600 Firmware Apr 1, 2025 Mar 21, 2025 N/A· v4 8.6 HIGH· v3 N/A· v2 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can be triggered via the `pt["email"]` parameter.
CVE-2025-29227 1Linksys 1E5600 Firmware Apr 1, 2025 Mar 21, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter.
CVE-2025-29226 1Linksys 1E5600 Firmware Apr 1, 2025 Mar 21, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["count"] parameter.
CVE-2025-29223 1Linksys 1E5600 Firmware Apr 1, 2025 Mar 21, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function.
CVE-2025-25522 1Linksys 1Wap610n Firmware Jun 6, 2025 Feb 11, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfu...Show more Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability.Show less
CVE-2024-57545 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification.
CVE-2024-57544 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.
CVE-2024-57543 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification.
CVE-2024-57542 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via the field id_email_check_btn.
CVE-2024-57541 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification.
CVE-2024-57540 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification.
CVE-2024-57539 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via userEmail.
CVE-2024-57538 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification.
CVE-2024-57537 1Linksys 1E8450 Firmware Apr 22, 2025 Jan 21, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification.

Previous 1...456...12 Next