58
CVEs
0
Critical
43
High
0
KEV
57
PoC
43
Unpatched C/H
0.0%
Patch Rate
0.4%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
43
MEDIUM
4
LOW
11
Monthly CVE Trend
Affected Products (14)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-60690 | A stack-based buffer overflow vulnerability exists in the Linksys E1200 v2 router firmware that allows remote attackers to execute arbitrary code or cause denial of service without authentication. The vulnerability occurs in the httpd binary's get_merge_ipaddr function, which improperly concatenates user-supplied CGI parameters into a fixed-size buffer without bounds checking. With publicly available proof-of-concept exploits and an EPSS score of 0.57% (68th percentile), this represents a moderate exploitation risk for affected devices. | HIGH | 8.8 | 0.6% | 65 |
PoC
No patch
|
| CVE-2026-4558 | OS command injection in Linksys MR9600 mesh router firmware 2.0.6.206937 allows authenticated remote attackers to execute arbitrary system commands with router privileges via crafted Smart Connect configuration parameters. The vulnerability exists in the SmartConnect.lua file's smartConnectConfigure function, which fails to sanitize user input in configApSsid, configApPassphrase, srpLogin, and srpPassword arguments before passing them to system commands. Publicly available exploit code exists (GitHub POC), but EPSS indicates low (0.15%) exploitation probability and CISA has not listed this in KEV, suggesting limited real-world targeting. Vendor (Linksys) did not respond to researcher disclosure. | HIGH | 7.4 | 0.2% | 57 |
PoC
No patch
|
| CVE-2026-6992 | OS command injection in Linksys MR9600 router firmware 2.0.6.206937 allows authenticated administrators to execute arbitrary system commands via crafted 'pin' parameter to the BTRequestGetSmartConnectStatus JNAP action handler. Publicly available exploit code exists (CVSS E:P), enabling remote compromise of router with full system-level access. Vendor notified but unresponsive, leaving users without confirmed patch. EPSS data not available; CVSS 7.3 severity reflects high impact limited by high privilege requirement (PR:H). | HIGH | 7.3 | 0.1% | 37 |
No patch
|
| CVE-2025-8818 | A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.4% | 31 |
PoC
No patch
|
| CVE-2025-8821 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.4% | 31 |
PoC
No patch
|
| CVE-2025-8823 | A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.4% | 31 |
PoC
No patch
|
| CVE-2025-8825 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.4% | 31 |
PoC
No patch
|
| CVE-2025-8827 | A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.4% | 31 |
PoC
No patch
|
| CVE-2025-8828 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.4% | 31 |
PoC
No patch
|
| CVE-2025-8829 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.4% | 31 |
PoC
No patch
|
| CVE-2025-8830 | A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.4% | 31 |
PoC
No patch
|
| CVE-2025-9244 | A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.3% | 31 |
PoC
No patch
|
| CVE-2025-9575 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001.cgi. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.1 | 0.3% | 31 |
PoC
No patch
|
| CVE-2025-9528 | A vulnerability was determined in Linksys E1700 1.0.0.4.003. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | LOW | 2.0 | 0.4% | 30 |
PoC
No patch
|
| CVE-2025-8816 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 7.4 | 0.2% | – |
PoC
No patch
|