CVE-2025-5438

CWE-74CWE-77Command Injection4 documents4 sources
Severity
5.3MEDIUM
EPSS
8.4%
top 7.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Linksys Re6250Linksys Re6300Linksys Re6350+9 more
Timeline
PublishedJun 2

Description

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. Affected by this vulnerability is the function WPS of the file /goform/WPS. The manipulation of the argument PIN leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any wa

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages12 packages

CVEListV5linksys/re62505 versions+4
CVEListV5linksys/re63005 versions+4
CVEListV5linksys/re63505 versions+4
CVEListV5linksys/re65005 versions+4
CVEListV5linksys/re70005 versions+4

🔴Vulnerability Details

2
CVEList
Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 WPS command injection2025-06-02
GHSA
GHSA-gpv9-mgr2-7qpf: A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 12025-06-02

🔍Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS Linksys WPS PIN Parameter Command Injection Attempt (CVE-2025-5438)2025-06-02
CVE-2025-5438 (MEDIUM CVSS 5.3) | A vulnerability was found in Linksy | cvebase.io