64
CVEs
5
Critical
42
High
0
KEV
62
PoC
47
Unpatched C/H
0.0%
Patch Rate
1.1%
Avg EPSS
Severity Breakdown
CRITICAL
5
HIGH
42
MEDIUM
17
LOW
0
Monthly CVE Trend
Affected Products (16)
Re7000 Firmware
44
Re6300 Firmware
43
Re6250 Firmware
43
Re6350 Firmware
43
Re9000 Firmware
43
Re6500 Firmware
42
Command Injection
34
E5600 Firmware
12
E8450 Firmware
10
E7350 Firmware
8
E1200 Firmware
6
Stack Overflow
6
E1700 Firmware
4
Fgw3000 Ah Firmware
2
Fgw3000 Hk Firmware
2
Wap610N Firmware
1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-45491 | Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.9%. | CRITICAL | 9.8 | 11.9% | 81 |
PoC
No patch
|
| CVE-2025-45488 | Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 9.5% | 79 |
PoC
No patch
|
| CVE-2025-45487 | Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2025-45489 | Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2025-45490 | Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 7.2% | 76 |
PoC
No patch
|
| CVE-2025-60690 | A stack-based buffer overflow vulnerability exists in the Linksys E1200 v2 router firmware that allows remote attackers to execute arbitrary code or cause denial of service without authentication. The vulnerability occurs in the httpd binary's get_merge_ipaddr function, which improperly concatenates user-supplied CGI parameters into a fixed-size buffer without bounds checking. With publicly available proof-of-concept exploits and an EPSS score of 0.57% (68th percentile), this represents a moderate exploitation risk for affected devices. | HIGH | 8.8 | 0.6% | 65 |
PoC
No patch
|
| CVE-2026-4558 | Unauthenticated attackers can inject arbitrary operating system commands through manipulated parameters in the SmartConnect configuration function of Linksys MR9600 firmware version 2.0.6.206937, achieving remote code execution with high privileges. Public exploit code is available for this vulnerability, and no patch has been released despite vendor notification. The attack requires only network access and low complexity, making it immediately exploitable in affected deployments. | HIGH | 8.8 | 0.2% | 64 |
PoC
No patch
|
| CVE-2025-4999 | A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | MEDIUM | 5.3 | 1.9% | – |
No patch
|
| CVE-2025-5000 | A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available. | MEDIUM | 5.3 | 1.9% | – |
No patch
|
| CVE-2025-8816 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.4 | 0.2% | – |
PoC
No patch
|
| CVE-2025-8817 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.4 | 0.2% | – |
PoC
No patch
|
| CVE-2025-8818 | A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | MEDIUM | 5.3 | 0.4% | – |
PoC
No patch
|
| CVE-2025-8819 | A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.4 | 0.2% | – |
PoC
No patch
|
| CVE-2025-8820 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.4 | 0.2% | – |
PoC
No patch
|
| CVE-2025-8821 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | MEDIUM | 5.3 | 0.4% | – |
PoC
No patch
|