Linksys: >> E5600 Firmware Security Vulnerabilities
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["count"] parameter.
CVSS Score
6.3
EPSS Score
0.006
Published
2025-03-21
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt["pkgsize"] parameter.
CVSS Score
6.3
EPSS Score
0.006
Published
2025-03-21
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.emailReg function. The vulnerability can be triggered via the `pt["email"]` parameter.
CVSS Score
8.6
EPSS Score
0.006
Published
2025-03-21
A stored cross-site scripting (XSS) vulnerability in the spf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.
CVSS Score
4.8
EPSS Score
0.001
Published
2025-01-15
A stored cross-site scripting (XSS) vulnerability in the prf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.
CVSS Score
4.8
EPSS Score
0.001
Published
2025-01-15
An issue discovered in Linksys E5600 routers allows attackers to hijack TCP sessions which could lead to a denial of service.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-05-28
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the PinCode parameter at /API/info form endpoint.
CVSS Score
8.0
EPSS Score
0.026
Published
2024-05-06
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint.
CVSS Score
9.8
EPSS Score
0.098
Published
2024-05-03
Page 2