Shodan
Vulnerabilities
Vulnerable Software
Linksys:  >> E5600 Firmware  Security Vulnerabilities
CVE-2025-29228
Linksys E5600 V1.1.0.26 is vulnerable to command injection in the runtime.macClone function via the mc.ip parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-12-23
CVE-2025-29229
linksys E5600 V1.1.0.26 is vulnerable to command injection in the function ddnsStatus.
CVSS Score
9.8
EPSS Score
0.003
Published
2025-12-23
CVE-2025-29231
A stored cross-site scripting (XSS) vulnerability in the page_save component of Linksys E5600 V1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hostname and domainName parameters.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-12-16
CVE-2025-9146
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.6
EPSS Score
0.002
Published
2025-08-19
CVE-2025-45490
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter.
CVSS Score
9.8
EPSS Score
0.017
Published
2025-05-06
CVE-2025-45491
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
CVSS Score
9.8
EPSS Score
0.03
Published
2025-05-06
CVE-2025-45487
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function.
CVSS Score
9.8
EPSS Score
0.017
Published
2025-05-06
CVE-2025-45488
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter.
CVSS Score
9.8
EPSS Score
0.023
Published
2025-05-06
CVE-2025-45489
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter.
CVSS Score
9.8
EPSS Score
0.017
Published
2025-05-06
CVE-2025-29223
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt parameter in the traceRoute function.
CVSS Score
6.3
EPSS Score
0.006
Published
2025-03-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved