CVE-2025-45491
published 2025-05-06CVE-2025-45491: Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linksys | e5600_firmware | — | — |
| msrc | azl3_cmake_3.30.3-6_on_azure_linux_3.0 | — | — |
| msrc | azl3_expat_2.6.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_expat_2.6.3-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_python3_3.12.3-5_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_cmake_3.21.4-17_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_expat_2.6.2-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_expat_2.6.3-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_python3_3.9.19-13_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |