2
CVEs
0
Critical
2
High
0
KEV
1
PoC
2
Unpatched C/H
0.0%
Patch Rate
0.1%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
2
MEDIUM
0
LOW
0
Monthly CVE Trend
Affected Products (30)
Re6500 Firmware
36
Re7000 Firmware
35
Re6300 Firmware
34
Re6250 Firmware
33
Re6350 Firmware
33
Re9000 Firmware
33
E5600 Firmware
14
E1200 Firmware
10
E8450 Firmware
10
E7350 Firmware
8
E1700 Firmware
5
E2500 Firmware
5
Ea6500 Firmware
5
Ea6500
5
Wrt54Gl Firmware
4
E2000 Firmware
3
Ea4500 Firmware
3
Ea6400
2
Ea6700 Firmware
2
Ea6700
2
Ea2700 Firmware
2
Ea6400 Firmware
2
Ea6900
2
Wrt1900Acs Firmware
2
Ea3500 Firmware
2
Ea3500
2
Ea4500
2
Ea6300 Firmware
2
Ea6200
2
E4200V2 Firmware
2
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-4558 | OS command injection in Linksys MR9600 mesh router firmware 2.0.6.206937 allows authenticated remote attackers to execute arbitrary system commands with router privileges via crafted Smart Connect configuration parameters. The vulnerability exists in the SmartConnect.lua file's smartConnectConfigure function, which fails to sanitize user input in configApSsid, configApPassphrase, srpLogin, and srpPassword arguments before passing them to system commands. Publicly available exploit code exists (GitHub POC), but EPSS indicates low (0.15%) exploitation probability and CISA has not listed this in KEV, suggesting limited real-world targeting. Vendor (Linksys) did not respond to researcher disclosure. | HIGH | 7.4 | 0.2% | 57 |
PoC
No patch
|
| CVE-2026-6992 | OS command injection in Linksys MR9600 router firmware 2.0.6.206937 allows authenticated administrators to execute arbitrary system commands via crafted 'pin' parameter to the BTRequestGetSmartConnectStatus JNAP action handler. Publicly available exploit code exists (CVSS E:P), enabling remote compromise of router with full system-level access. Vendor notified but unresponsive, leaving users without confirmed patch. EPSS data not available; CVSS 7.3 severity reflects high impact limited by high privilege requirement (PR:H). | HIGH | 7.3 | 0.1% | 37 |
No patch
|