Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Linksys Subscribe
Filtered by product E5600 Firmware
Total 14 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-33788 1 Linksys 2 E5600, E5600 Firmware 2025-06-11 N/A 8.0 HIGH
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the PinCode parameter at /API/info form endpoint.
CVE-2025-22996 1 Linksys 2 E5600, E5600 Firmware 2025-06-11 N/A 4.8 MEDIUM
A stored cross-site scripting (XSS) vulnerability in the spf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.
CVE-2025-22997 1 Linksys 2 E5600, E5600 Firmware 2025-06-11 N/A 4.8 MEDIUM
A stored cross-site scripting (XSS) vulnerability in the prf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.
CVE-2024-33789 1 Linksys 2 E5600, E5600 Firmware 2025-06-10 N/A 9.8 CRITICAL
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint.
CVE-2023-30305 1 Linksys 2 E5600, E5600 Firmware 2025-06-10 N/A 7.5 HIGH
An issue discovered in Linksys E5600 routers allows attackers to hijack TCP sessions which could lead to a denial of service.
CVE-2025-45491 1 Linksys 2 E5600, E5600 Firmware 2025-05-13 N/A 9.8 CRITICAL
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
CVE-2025-45490 1 Linksys 2 E5600, E5600 Firmware 2025-05-13 N/A 9.8 CRITICAL
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter.
CVE-2025-45489 1 Linksys 2 E5600, E5600 Firmware 2025-05-13 N/A 9.8 CRITICAL
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter.
CVE-2025-45488 1 Linksys 2 E5600, E5600 Firmware 2025-05-13 N/A 9.8 CRITICAL
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter.
CVE-2025-45487 1 Linksys 2 E5600, E5600 Firmware 2025-05-13 N/A 9.8 CRITICAL
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function.
CVE-2025-29226 1 Linksys 2 E5600, E5600 Firmware 2025-04-01 N/A 6.3 MEDIUM
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["count"] parameter.
CVE-2025-29227 1 Linksys 2 E5600, E5600 Firmware 2025-04-01 N/A 6.3 MEDIUM
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter.
CVE-2025-29230 1 Linksys 2 E5600, E5600 Firmware 2025-04-01 N/A 8.6 HIGH
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can be triggered via the `pt["email"]` parameter.
CVE-2025-29223 1 Linksys 2 E5600, E5600 Firmware 2025-04-01 N/A 6.3 MEDIUM
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function.