CNNVD-202508-3304 Information

CNNVD ID

CNNVD-202508-3304

Related CVE

CVE-2025-9575

• CNNVD Published: 2025-08-28

Description (Chinese)

Linksys RE6300等都是美国Linksys公司的产品。Linksys RE6300是一款无线网络信号扩展器。Linksys RE6250是一款无线扩展器。Linksys RE6350是一款无线扩展器。 Linksys多款产品存在安全漏洞，该漏洞源于对文件/cgi-bin/upload.cgi中参数filename的错误操作导致os命令注入。以下产品及版本受到影响：RE6250、RE6300、RE6350、RE6500、RE7000和RE9000 1.0.013.001版本、1.0.04.001版本、1.0.04.002版本、1.1.05.003版本和1.2.07.001版本。

Description (English)

Linksys RE6300 and so on are products of the United States company Linksys. Linksys RE6300 is a wireless network signal extension. Linksys RE6250 is a wireless extension. Linksys RE6350 is a wireless extension. Linksys has a security loophole in multiple products, which results from an error in the file/cgi-bin/upload.cgi parameter filename leading to an Os command injection. The following products and versions were affected: RE6250, RE6300, RE6350, RE6500, RE7000 and RE90000 Versions 1.0.013.001, 1.0.04.001 Versions, 1.0.04.002 Versions, 1.1.05.003 Versions and 1.2.07.001 Versions.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Linksys

Published

2025-08-28

Last Modified

2026-02-24

References

https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_13/13.md#poc https://www.linksys.com/ https://vuldb.com/?submit.634840 https://vuldb.com/?id.321689 https://vuldb.com/?ctiid.321689 https://nvd.nist.gov/vuln/detail/CVE-2025-9575