Vulnerabilities > Linksys > Critical

DATE CVE VULNERABILITY TITLE RISK
2025-05-06 CVE-2025-45487 Command Injection vulnerability in Linksys E5600 Firmware 1.1.0.26
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function.
network
low complexity
linksys CWE-77
critical
 9.8
9.8
2025-05-06 CVE-2025-45488 Command Injection vulnerability in Linksys E5600 Firmware 1.1.0.26
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter.
network
low complexity
linksys CWE-77
critical
 9.8
9.8
2025-05-06 CVE-2025-45489 Command Injection vulnerability in Linksys E5600 Firmware 1.1.0.26
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter.
network
low complexity
linksys CWE-77
critical
 9.8
9.8
2025-05-06 CVE-2025-45490 Command Injection vulnerability in Linksys E5600 Firmware 1.1.0.26
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter.
network
low complexity
linksys CWE-77
critical
 9.8
9.8
2025-05-06 CVE-2025-45491 Command Injection vulnerability in Linksys E5600 Firmware 1.1.0.26
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
network
low complexity
linksys CWE-77
critical
 9.8
9.8
2024-09-04 CVE-2024-8408 Out-of-bounds Write vulnerability in Linksys Wrt54G Firmware 4.21.5
A vulnerability was found in Linksys WRT54G 4.21.5.
network
low complexity
linksys CWE-787
critical
 9.8
9.8
2022-08-28 CVE-2022-38555 Out-of-bounds Write vulnerability in Linksys E1200 Firmware 1.0.04
Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.
network
low complexity
linksys CWE-787
critical
 9.8
9.8
2020-12-26 CVE-2020-35713 OS Command Injection vulnerability in Linksys Re6500 Firmware
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.
network
low complexity
linksys CWE-78
critical
 9.8
9.8
2019-11-21 CVE-2019-16340 Forced Browsing vulnerability in Linksys products
Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI.
network
low complexity
linksys CWE-425
critical
 9.8
9.8
2019-10-25 CVE-2013-4658 Path Traversal vulnerability in Linksys Ea6500 Firmware
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.
network
low complexity
linksys CWE-22
critical
 9.8
9.8