CVE-2025-5442 Information

Jun 03, 2025 cve

Description

A vulnerability which was classified as critical has been found in Linksys RE6500 RE6250 RE6300 RE6350 RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument ip/nm/gw leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Reference

https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_5/5.md https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_5/5.md https://vuldb.com/?ctiid.310781 https://vuldb.com/?id.310781 https://vuldb.com/?submit.584364 https://www.linksys.com/

Share on: