6 matches found
VulnCheck KEV: CVE-2025-8829
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function umred of the file /goform/RPsetBasicAuto. The manipulation of the argument hname leads to os command injection. The attack can be launched...
CVE-2025-8827
A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function uminspectcrossband of the file /goform/RPsetBasicAuto. The manipulation of the argument staticGateway leads to os command injection. The attack may be initiated...
CVE-2025-8825
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function RPsetBasicAuto of the file /goform/RPsetBasicAuto. The manipulation of the argument staticIp/staticNetmask leads to os command injection. It is possible to initiat...
CVE-2025-8821
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function RPsetBasic of the file /goform/RPsetBasic. The manipulation of the argument bssid leads to os command injection. The attack may be initiated remotely. The...
CVE-2025-8821
CVE-2025-8821 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 series. Root cause: manipulation of the bssid argument in RP_setBasic (/goform/RP_setBasic) enables OS command injection. Vulnerable versions are listed up to 20250801. Exploitation may be initiated remotely; the exploit has ...
Linksys多款产品 命令注入漏洞
The Linksys RE6250, among others, is a wireless extender from Linksys USA. A command injection vulnerability exists in various Linksys products. The vulnerability stems from improper manipulation of the bssid parameter in the RPsetBasic function, which may result in os command injection. The...