CVE-2025-9528

Aug. 27, 2025, 2:15 p.m.

5.1
Medium

Description

A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Product(s) Impacted

Vendor Product Versions
Linksys
  • E1700
  • 1.0.0.4.003

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linksys e1700 1.0.0.4.003 / / / / / / /

References

https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md
https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md#poc
https://vuldb.com/?ctiid.321545
https://vuldb.com/?id.321545
https://vuldb.com/?submit.634827
https://www.linksys.com/

Tags

cna@vuldb.com
CWE-77
2025-08-27
CVE-2025-9528

CVSS Score

5.1 / 10

CVSS Data - 4.0

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Attack Requirements: NONE
  • Privileges Required: HIGH
  • User Interaction: NONE
  • Scope:
  • Confidentiality Impact: LOW
  • Integrity Impact: LOW
  • Availability Impact: LOW
  • Exploit Maturity: PROOF_OF_CONCEPT

    • CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

    View Vector String

Timeline

Published: Aug. 27, 2025, 2:15 p.m.
Last Modified: Aug. 27, 2025, 2:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cna@vuldb.com

Linked Attack Reports

Tracking RondoDox: Malware Exploiting Many IoT Vulnerabilities

A new threat actor is distributing the RondoDox malware, a variant of Mirai, targeting IoT devices. The actor uses residential IP addresses for distribution and employs over a dozen exploits to target various IoT vulnerabilities. The malware's first stage is a shell script that attempts to disable …
command injection
iot
botnet
mirai
multi-platform
CVE-2024-10914
CVE-2023-1389
CVE-2025-4008
CVE-2024-3721
CVE-2025-34043
rondodox
CVE-2025-9528
CVE-2013-1599
CVE-2022-36553
CVE-2020-10987
2025-11-26
shell script
residential infrastructure
mirai variant
CVE-2020-9054
CVE-2023-23333
CVE-2014-3206
CVE-2023-41011
CVE-2022-40619
Published: November 26, 2025
Linked vulnerabilities : CVE-2024-4577 (CVSS 9.8), CVE-2024-10914 (CVSS 8.1), CVE-2022-42475, CVE-2017-9841, CVE-2023-23333, CVE-2019-9082, CVE-2023-1389, CVE-2025-31324 (CVSS 10.0), CVE-2025-4008 (CVSS 9.4), CVE-2024-3721, CVE-2025-34043 (CVSS 10.0), CVE-2025-9528 (CVSS 5.1), CVE-2013-1599, CVE-2022-36553, CVE-2020-10987, CVE-2023-41011, CVE-2022-40619, CVE-2022-24847, CVE-2020-8958, CVE-2014-3206, CVE-2023-1381, CVE-2022-22947, CVE-2020-9054
Downloadable IOCs: 26

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.