CNNVD-202508-904 Information
CNNVD ID
CNNVD-202508-904
Related CVE
- CNNVD Published: 2025-08-11
Description (Chinese)
Linksys RE6250等都是美国Linksys公司的一款无线扩展器。 Linksys多款产品存在命令注入漏洞,该漏洞源于ipv6cmd函数对多个参数操作不当,可能导致os命令注入。以下产品和版本受到影响:Linksys RE6250、Linksys RE6300、Linksys RE6350、Linksys RE6500、Linksys RE7000和Linksys RE9000 20250801及之前版本。
Description (English)
Linksys RE6250, etc., are a wireless extension of the United States company Linksys. Linksys multi-products have command-injected holes, which stem from the inappropriate operation of the ipv6cmd function on multiple parameters, which may lead to an Os command injection. The following products and versions were affected: Linksys RE6250, Linksys RE6300, Linksys RE6350, Linksys RE6500, Linksys RE7000 and Linksys RE9000 20250801 and earlier.
Hazard Level
High
Vulnerability Type
命令注入
Affected Vendor
Linksys
Published
2025-08-11
Last Modified
2026-02-24
References
https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_44/44.md https://www.linksys.com/ https://vuldb.com/?id.319362 https://vuldb.com/?submit.626693 https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_44/44.md#poc https://vuldb.com/?ctiid.319362 https://access.redhat.com/security/cve/cve-2025-8828
Share on: