Affected Vendors This Week
- Linksys: 22 CVEs (20 High, 2 Medium)
- Cisco: 3 CVEs (0 High, 3 Medium)
- ASUS: 1 CVE (1 High, 0 Medium)
Total new CVEs: 26 | High severity: 20 | Medium severity: 6
Linksys Range Extenders Under Siege
This week brings a significant security event: Linksys has disclosed 22 vulnerabilities affecting its popular RE-series Wi-Fi range extenders. The affected models span the entire current and recent product lineup—RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000—all running vulnerable firmware versions 1.0.013.001 through 1.2.07.001.
The majority of these issues carry a CVSS score of 8.8 (High severity), indicating they pose a serious risk to network administrators managing these devices. The vulnerabilities cluster around critical administrative functions, including:
- CVE-2025-9393, CVE-2025-9392, CVE-2025-9363, CVE-2025-9361, CVE-2025-9360: Flaws in station profile management, QoS classification, port triggering, IP range blocking, and access control functions
- CVE-2025-9359, CVE-2025-9358, CVE-2025-9357: Issues affecting credential verification, configuration settings, and language switching
- CVE-2025-9356, CVE-2025-9355: Vulnerabilities in inbound filtering and scheduling functionality
These vulnerabilities likely enable attackers to bypass authentication, manipulate network policies, or gain unauthorized administrative access to affected extenders. Given that range extenders are often deployed with minimal ongoing monitoring, this cluster represents a particularly attractive attack surface for threat actors targeting home and small business networks.
Recommended action: Check Linksys support pages immediately for patched firmware versions. If your organization manages RE-series extenders, prioritize firmware updates as soon as they become available. Temporarily isolate or restrict access to affected devices if updates are not yet released.
Cisco Infrastructure Issues (Medium Priority)
Cisco disclosed three medium-severity vulnerabilities this week affecting network management and authentication systems:
- CVE-2025-20269 (CVSS 6.5) affects Cisco Evolved Programmable Network Manager (EPNM) and Prime Infrastructure web interfaces
- CVE-2025-20131 (CVSS 4.9) impacts the GUI of Cisco Identity Services Engine (ISE) and requires administrative authentication
- CVE-2025-20345 (CVSS 4.9) concerns debug logging in Cisco Duo Authentication Proxy
While lower in severity than the Linksys batch, these issues warrant attention for organizations running Cisco management and identity infrastructure. Review Cisco advisories for specific affected versions and apply patches according to your maintenance windows.
ASUS Kernel Vulnerability
One high-severity CVE (CVE-2025-38598) was reported affecting ASUS routers due to a Linux kernel use-after-free flaw in AMD GPU handling. This appears to be a lower-level kernel issue; check ASUS support pages for affected models and available patches.
Bottom Line
Linksys RE-series users face the most immediate risk this week. MSPs and network administrators managing these extenders should treat firmware updates as urgent. For Cisco and ASUS users, begin your standard vulnerability assessment and patching workflows.