CVE-2025-5442 – Linksys Router Os Command Injection Vulnerability

June 2, 2025

CVE ID : CVE-2025-5442

Published : June 2, 2025, 11:15 a.m. | 3 hours, 56 minutes ago

Description : A vulnerability, which was classified as critical, has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument ip/nm/gw leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46807 – SSLH File Descriptor Exhaustion Denial of Service

Next Article CVE-2025-5441 – Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 Os Command Injection Vulnerability

Highlights

CVE-2025-42961 – SAP NetWeaver Application Server for ABAP Permissive Access Configuration Privilege Escalation

July 7, 2025

CVE ID : CVE-2025-42961

Published : July 8, 2025, 1:15 a.m. | 35 minutes ago

Description : Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access sensitive database tables. By leveraging overly permissive access configurations, unauthorized reading of critical data is possible, resulting in a significant impact on the confidentiality of the information stored. However, the integrity and availability of the system remain unaffected.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Top 7 Computer Performance Test Tools Online (Free & Fast)

Top 7 Computer Performance Test Tools Online (Free & Fast)

10 Best Windows 11 Encryption Software

Google Chrome Is Testing Dynamic Country Detection for Region-Specific Features

CVE-2025-5442 – Linksys Router Os Command Injection Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

How Attackers Steal Data from Websites (And How to Stop Them)

Rolex Datejust Super Clone Watches – Top Quality Replica for Sale – Thesuperclonewatches

CVE-2025-3610 – Reales WP STPT Privilege Escalation and Account Takeover Vulnerability in WordPress

Navigating Digital Transformation in 2025: Why Expert AI Consulting Matters More Than Ever🔍

CVE-2025-42961 – SAP NetWeaver Application Server for ABAP Permissive Access Configuration Privilege Escalation

The AI model race has suddenly gotten a lot closer, say Stanford scholars

CVE-2025-48916 – Drupal Bookable Calendar Missing Authorization

Designing High-Converting Landing Pages in Webflow for B2B SaaS in 2025

CVE-2025-5442 – Linksys Router Os Command Injection Vulnerability

Related Posts