Affected Vendors This Week
- Linksys: 4 CVEs (3 High, 1 Medium)
- Cisco: 3 CVEs (0 High, 3 Medium)
Summary
This week brought a focused set of seven vulnerabilities, with Linksys range extenders dominating the risk landscape. Three high-severity flaws affecting multiple RE series models require immediate attention from administrators managing these devices in their networks.
Linksys Range Extender Critical Issues
Linksys has disclosed four vulnerabilities affecting its RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 range extenders (firmware versions up to 20250801). The three high-severity issues are particularly concerning:
- CVE-2025-8819 (CVSS 8.8) — Command injection in the setWan function (/goform/setWan)
- CVE-2025-8817 (CVSS 8.8) — Command injection in the setLan function (/goform/setLan)
- CVE-2025-8816 (CVSS 8.8) — Command injection in the setOpMode function (/goform/setOpMode)
- CVE-2025-8818 (CVSS 6.3) — Command injection in the setDFSSetting function (/goform/setLan)
All four vulnerabilities appear to stem from improper input validation in web-based configuration endpoints. An unauthenticated attacker on the local network could potentially execute arbitrary commands on the affected device.
Immediate action required: Check Linksys support pages for firmware updates released after August 1, 2025, and prioritize patching these models, especially those exposed to untrusted network segments.
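Until firmware is available, requests to the listed /goform endpoints can be triaged from network sensor data. The following is an added example, not code from Linksys or from the advisories. The tab-separated record layout, the admin host address, the field names and the sample records are all assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Endpoints named in the CVE list above (CVE-2025-8818 is also listed under /goform/setLan).
WATCHED = {"/goform/setWan", "/goform/setLan", "/goform/setOpMode"}
# Characters a shell interprets; expect some false positives on free-text fields.
SHELL_META = re.compile(r"[;&|`$<>\\\n]")
# Assumption: the only host that should be changing extender configuration.
ADMIN_HOSTS = {"192.0.2.10"}

def triage(record):
    """Classify one sensor record; returns (severity, reason) or None if out of scope."""
    ts, src, dst, method, uri, body = record.rstrip("\n").split("\t")
    parts = urlsplit(uri)
    if parts.path not in WATCHED:
        return None
    where = f"{ts} {src} -> {dst} {method} {parts.path}"
    # Decode query string and form body together so %3B etc. are seen as ';'.
    fields = parse_qsl(parts.query + "&" + body, keep_blank_values=True)
    suspicious = sorted({k for k, v in fields if SHELL_META.search(v)})
    if suspicious:
        return ("high", f"{where}: shell metacharacters in {suspicious}")
    if src not in ADMIN_HOSTS:
        return ("medium", f"{where}: config request from non-admin host")
    return ("info", f"{where}: expected admin change")

# Constructed sample records: RFC 5737 addresses, hypothetical field names.
# Layout (assumed): timestamp, source, destination, method, URI, request body.
SAMPLE = [
    "2025-08-12T09:14:02Z\t192.0.2.10\t192.0.2.250\tPOST\t/goform/setLan\texample_field=192.0.2.250",
    "2025-08-12T09:20:41Z\t192.0.2.77\t192.0.2.250\tPOST\t/goform/setWan\texample_field=value%3Bplaceholder",
    "2025-08-12T09:21:10Z\t192.0.2.77\t192.0.2.250\tPOST\t/goform/setOpMode\texample_field=1",
    "2025-08-12T09:22:00Z\t192.0.2.77\t192.0.2.250\tGET\t/index.html\t",
]

def run(records):
    """Triage every record, keeping positions aligned with the input."""
    return [triage(r) for r in records]

if __name__ == "__main__":
    for result in run(SAMPLE):
        if result:
            print(*result)
```

Fields that legitimately carry free text, such as passphrases, will trip the metacharacter check, so treat "high" results as leads to review rather than confirmed exploitation.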
Cisco ISE and Webex Issues
Cisco reported three medium-severity vulnerabilities. CVE-2025-20215 affects Webex Meetings' join functionality and could allow network-proximate attackers to hijack session joins. CVE-2025-20331 and CVE-2025-20332 both target the Cisco Identity Services Engine (ISE) web management interface, introducing stored XSS and configuration modification risks for authenticated users. While lower-severity than the Linksys issues, organizations running ISE should validate access controls and apply patches when available.