Affected Vendors This Week
- Linksys: 2 CVEs (2 critical)
- Netgear: 2 CVEs (1 critical, 1 medium)
- Digi: 1 CVE (informational)
Critical Command Injection Vulnerabilities Demand Immediate Action
This week brings three critical command injection vulnerabilities affecting popular router models, all carrying a maximum CVSS score of 9.8. Organizations running these devices should prioritize patching immediately.
Linksys E5600 users face dual threats: CVE-2025-29228 and CVE-2025-29229 both allow unauthenticated remote code execution through command injection. The first exploits the runtime.macClone function via the mc.ip parameter, while the second targets the ddnsStatus function. Both affect firmware version V1.1.0.26. If you manage E5600 deployments, check with Linksys immediately for available firmware patches and prioritize rollout across your fleet.
Netgear EX8000 is also affected: CVE-2025-50526 introduces a critical command injection vulnerability in the switch_status function on version V1.0.0.126. A companion medium-severity issue, CVE-2025-45493, exists in the action_bandwidth function via the iface parameter. While the second is of lower severity, both should be patched to fully harden these devices.
Recommended actions: Log into your management systems and identify all E5600 and EX8000 units. Contact vendor support channels for patches, test in a controlled environment, and schedule updates during maintenance windows. These vulnerabilities pose significant risk if left unpatched in production networks.
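To support the inventory step above, here is an added triage helper (not part of this bulletin or any vendor tooling) that matches a device inventory against the models, firmware versions and CVEs listed in this week's summary. The inventory rows are constructed sample data; treating firmware older than the named version as "verify with vendor" is an assumption, since the bulletin names only one version per model.

```python
# Added example: triage an inventory against this bulletin's advisories.
import csv
import io

# Affected firmware and CVEs per (vendor, model), as stated in the bulletin.
ADVISORY = {
    ("Linksys", "E5600"): {
        "firmware": "V1.1.0.26",
        "cves": [("CVE-2025-29228", "critical"), ("CVE-2025-29229", "critical")],
    },
    ("Netgear", "EX8000"): {
        "firmware": "V1.0.0.126",
        "cves": [("CVE-2025-50526", "critical"), ("CVE-2025-45493", "medium")],
    },
}

def parse_version(v):
    """Turn 'V1.1.0.26' into (1, 1, 0, 26) so versions compare numerically."""
    return tuple(int(p) for p in v.strip().lstrip("Vv").split("."))

def triage(inventory_csv):
    """One finding per inventoried unit that matches an advisory entry.
    'affected' on an exact firmware match; 'verify' for older firmware
    (assumption: unconfirmed until the vendor says otherwise); else 'ok'."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        key = (row["vendor"].strip().title(), row["model"].strip().upper())
        entry = ADVISORY.get(key)
        if entry is None:
            continue  # model not covered by this bulletin
        have, bad = parse_version(row["firmware"]), parse_version(entry["firmware"])
        status = "affected" if have == bad else ("verify" if have < bad else "ok")
        findings.append({
            "host": row["host"], "model": key[1], "firmware": row["firmware"],
            "status": status,
            "cves": [c for c, _ in entry["cves"]] if status != "ok" else [],
        })
    order = {"affected": 0, "verify": 1, "ok": 2}  # patch-first ordering
    return sorted(findings, key=lambda f: order[f["status"]])

# Constructed sample inventory (hostnames are placeholders, not real devices).
SAMPLE_INVENTORY = """host,vendor,model,firmware
rtr-branch-01,Linksys,E5600,V1.1.0.26
ext-lobby-02,Netgear,EX8000,V1.0.0.126
ext-lobby-03,Netgear,EX8000,V1.0.0.130
rtr-branch-04,linksys,e5600,V1.1.0.20
sw-core-01,Cisco,C9300,17.9.4
"""
```

Calling `triage(SAMPLE_INVENTORY)` returns the matched units ordered affected, verify, ok, so the two exact-version matches come first and the Cisco switch is skipped entirely.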