Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

75 matches found

RedhatCVE
RedhatCVEadded 2026/04/27 7:23 p.m.3 views

CVE-2026-6992

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS6.9AI score0.00389EPSS
Exploits1References1
NVD
NVDadded 2026/04/25 6:16 p.m.3 views

CVE-2026-6992

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS0.00389EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/04/25 6:0 p.m.2 views

CVE-2026-6992 Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS7AI score0.00389EPSS
Exploits1References5
Cvelist
Cvelistadded 2026/04/25 6:0 p.m.31 views

CVE-2026-6992 Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS0.00389EPSS
Exploits1References5
EUVD
EUVDadded 2026/04/25 6:0 p.m.2 views

EUVD-2026-25668

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS6.9AI score0.00389EPSS
Exploits1References5
CVE
CVEadded 2026/04/25 6:0 p.m.7 views

CVE-2026-6992

CVE-2026-6992 affects Linksys MR9600 (firmware 2.0.6.206937). The vulnerability lies in BTRequestGetSmartConnectStatus within /etc/init.d/run_central2.sh (JNAP Action Handler), where manipulating the argument pin enables OS command injection. The attack can be initiated remotely and public exploi...

8.6CVSS6.9AI score0.00389EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/25 6:0 p.m.2 views

CVE-2026-6992

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/runcentral2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS6.9AI score0.00389EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/25 12:0 a.m.5 views

PT-2026-35165

A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated...

8.6CVSS6.9AI score0.00389EPSS
Exploits1References6
CNNVD
CNNVDadded 2026/04/25 12:0 a.m.3 views

Linksys MR9600 命令注入漏洞

The Linksys MR9600 is a wireless router produced by the American company Linksys. The Linksys MR9600 2.0.6.206937 version has a command injection vulnerability. This vulnerability stems from an improper handling of the parameter pin in the function BTRequestGetSmartConnectStatus within the JNAP...

8.6CVSS7AI score0.00389EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2026/03/26 2:58 p.m.2 views

CVE-2026-4558

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. T...

9CVSS6.9AI score0.00592EPSS
Exploits1References1
EUVD
EUVDadded 2026/03/22 6:30 p.m.3 views

EUVD-2026-14333

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. T...

9CVSS6.9AI score0.00592EPSS
Exploits1References6
NVD
NVDadded 2026/03/22 6:16 p.m.2 views

CVE-2026-4558

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. T...

9CVSS0.00592EPSS
Exploits1References5
CVE
CVEadded 2026/03/22 5:29 p.m.7 views

CVE-2026-4558

CVE-2026-4558 affects Linksys MR9600 (firmware 2.0.6.206937). The vulnerability lies in the SmartConnect.lua function smartConnectConfigure, where manipulation of the arguments configApSsid, configApPassphrase, srpLogin, or srpPassword can lead to an OS command injection. The attack can be launch...

9CVSS6.9AI score0.00592EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/03/22 5:29 p.m.32 views

CVE-2026-4558 Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. T...

9CVSS0.00592EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/03/22 5:29 p.m.2 views

CVE-2026-4558 Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. T...

9CVSS5.5AI score0.00592EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/03/22 5:29 p.m.2 views

CVE-2026-4558

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. T...

9CVSS6.9AI score0.00592EPSS
Exploits1References5Affected Software1
CNNVD
CNNVDadded 2026/03/22 12:0 a.m.1 views

Linksys MR9600 操作系统命令注入漏洞

The Linksys MR9600 is a wireless router produced by the American company Linksys. The version 2.0.6.206937 of the Linksys MR9600 has a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations on parameters in the file SmartConnect.lua,...

9CVSS7.3AI score0.00592EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/03/22 12:0 a.m.4 views

PT-2026-27013

A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. T...

9CVSS6.9AI score0.00592EPSS
Exploits1References13
RedhatCVE
RedhatCVEadded 2026/02/27 12:41 a.m.7 views

CVE-2026-27846

Due to missing authentication, a user with physical access to the device can misuse the mesh functionality for adding a new mesh device to the network to gain access to sensitive information, including the password for admin access to the web interface and the Wi-Fi passwords.This issue affects...

6.2CVSS5.2AI score0.00021EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/27 12:41 a.m.3 views

CVE-2026-27849

Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

9.8CVSS5.5AI score0.00071EPSS
Exploits0References1
Rows per page
Query Builder