CVE-2025-9575 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 upload.cgi cgiMain os command injection

🗓️ 28 Aug 2025 18:02:06Reported by VulDBType

Remote command injection in Linksys devices via filename argument in /cgi-bin/upload.cgi cgiMain.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-9575	28 Aug 202518:24	–	circl
CNNVD	Linksys多款产品安全漏洞	28 Aug 202500:00	–	cnnvd
CVE	CVE-2025-9575	28 Aug 202518:02	–	cve
EUVD	EUVD-2025-26141	3 Oct 202520:07	–	euvd
NVD	CVE-2025-9575	28 Aug 202518:15	–	nvd
Positive Technologies	PT-2025-35124	28 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-9575	30 Aug 202518:21	–	redhatcve
Vulnrichment	CVE-2025-9575 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 upload.cgi cgiMain os command injection	28 Aug 202518:02	–	vulnrichment

[
  {
    "vendor": "Linksys",
    "product": "RE6250",
    "versions": [
      {
        "version": "1.0.013.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.002",
        "status": "affected"
      },
      {
        "version": "1.1.05.003",
        "status": "affected"
      },
      {
        "version": "1.2.07.001",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Linksys",
    "product": "RE6300",
    "versions": [
      {
        "version": "1.0.013.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.002",
        "status": "affected"
      },
      {
        "version": "1.1.05.003",
        "status": "affected"
      },
      {
        "version": "1.2.07.001",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Linksys",
    "product": "RE6350",
    "versions": [
      {
        "version": "1.0.013.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.002",
        "status": "affected"
      },
      {
        "version": "1.1.05.003",
        "status": "affected"
      },
      {
        "version": "1.2.07.001",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Linksys",
    "product": "RE6500",
    "versions": [
      {
        "version": "1.0.013.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.002",
        "status": "affected"
      },
      {
        "version": "1.1.05.003",
        "status": "affected"
      },
      {
        "version": "1.2.07.001",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Linksys",
    "product": "RE7000",
    "versions": [
      {
        "version": "1.0.013.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.002",
        "status": "affected"
      },
      {
        "version": "1.1.05.003",
        "status": "affected"
      },
      {
        "version": "1.2.07.001",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Linksys",
    "product": "RE9000",
    "versions": [
      {
        "version": "1.0.013.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.001",
        "status": "affected"
      },
      {
        "version": "1.0.04.002",
        "status": "affected"
      },
      {
        "version": "1.1.05.003",
        "status": "affected"
      },
      {
        "version": "1.2.07.001",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_13/13.md
github	www.github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_13/13.md
linksys	www.linksys.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

28 Aug 2025 18:02Current

CVSS 45.3

CVSS 3.16.3

CVSS 36.3

CVSS 26.5

EPSS0.00839