Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for mr9600_firmware by linksys

    CVE-2026-6992 (GCVE-0-2026-6992)

    Vulnerability from nvd – Published: 2026-04-25 18:00 – Updated: 2026-04-27 13:34
    VLAI
    Title
    Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection
    Summary
    A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/359544 vdb-entrytechnical-description
    https://vuldb.com/vuln/359544/cti signaturepermissions-required
    https://vuldb.com/submit/797086 third-party-advisory
    https://github.com/utmost3/cve/issues/2 exploitissue-tracking
    https://www.linksys.com/ product
    Impacted products
    Vendor Product Version
    Linksys MR9600 Affected: 2.0.6.206937
        cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    wuuu (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6992",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-27T13:10:55.443763Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-27T13:34:09.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "JNAP Action Handler"
              ],
              "product": "MR9600",
              "vendor": "Linksys",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.6.206937"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "wuuu (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 8.3,
                "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-25T18:00:20.422Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-359544 | Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/359544"
            },
            {
              "name": "VDB-359544 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/359544/cti"
            },
            {
              "name": "Submit #797086 | Linksys MR9600 Firmware 2.0.6.206937 Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/797086"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/utmost3/cve/issues/2"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.linksys.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-24T21:45:04.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-6992",
        "datePublished": "2026-04-25T18:00:20.422Z",
        "dateReserved": "2026-04-24T19:39:58.219Z",
        "dateUpdated": "2026-04-27T13:34:09.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4558 (GCVE-0-2026-4558)

    Vulnerability from nvd – Published: 2026-03-22 17:29 – Updated: 2026-03-23 16:06
    VLAI
    Title
    Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection
    Summary
    A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.352385 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.352385 signaturepermissions-required
    https://vuldb.com/?submit.775036 third-party-advisory
    https://github.com/utmost3/cve/issues/1 exploitissue-tracking
    https://www.linksys.com/ product
    Impacted products
    Vendor Product Version
    Linksys MR9600 Affected: 2.0.6.206937
        cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    wuuu (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4558",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T16:06:42.703555Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-23T16:06:52.992Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*"
              ],
              "product": "MR9600",
              "vendor": "Linksys",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.6.206937"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "wuuu (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-22T17:29:35.187Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-352385 | Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.352385"
            },
            {
              "name": "VDB-352385 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.352385"
            },
            {
              "name": "Submit #775036 | Linksys MR9600 firmware 2.0.6.206937 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.775036"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/utmost3/cve/issues/1"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.linksys.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-21T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-21T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-21T21:52:56.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4558",
        "datePublished": "2026-03-22T17:29:35.187Z",
        "dateReserved": "2026-03-21T20:47:50.172Z",
        "dateUpdated": "2026-03-23T16:06:52.992Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25603 (GCVE-0-2026-25603)

    Vulnerability from nvd – Published: 2026-02-24 17:14 – Updated: 2026-02-24 18:13
    VLAI
    Title
    Path Traversal vulnerability in Linksys MR9600, Linksys MX4200
    Summary
    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Linksys MR9600 Affected: 1.0.4.205530
    Create a notification for this product.
    Linksys MX4200 Affected: 1.0.13.210200
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "PHYSICAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.6,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25603",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-24T18:11:45.463586Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-24T18:13:33.449Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MR9600",
              "vendor": "Linksys",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.4.205530"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MX4200",
              "vendor": "Linksys",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.13.210200"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Linksys MR9600, Linksys MX4200 allows that\u0026nbsp;contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.\u003cp\u003eThis issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.\u003c/p\u003e"
                }
              ],
              "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Linksys MR9600, Linksys MX4200 allows that\u00a0contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-251",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-251 Local Code Inclusion"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T17:14:36.141Z",
            "orgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
            "shortName": "ENISA"
          },
          "references": [
            {
              "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-001.txt"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Path Traversal vulnerability in Linksys MR9600, Linksys MX4200",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
        "assignerShortName": "ENISA",
        "cveId": "CVE-2026-25603",
        "datePublished": "2026-02-24T17:14:36.141Z",
        "dateReserved": "2026-02-03T07:24:49.548Z",
        "dateUpdated": "2026-02-24T18:13:33.449Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-24372 (GCVE-0-2022-24372)

    Vulnerability from nvd – Published: 2022-04-27 17:23 – Updated: 2024-08-03 04:07
    VLAI
    Summary
    Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:07:02.428Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-27T17:23:41.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-24372",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/",
                  "refsource": "MISC",
                  "url": "https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
                },
                {
                  "name": "https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/",
                  "refsource": "MISC",
                  "url": "https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
                },
                {
                  "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt",
                  "refsource": "MISC",
                  "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-24372",
        "datePublished": "2022-04-27T17:23:41.000Z",
        "dateReserved": "2022-02-02T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:07:02.428Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-6992 (GCVE-0-2026-6992)

    Vulnerability from cvelistv5 – Published: 2026-04-25 18:00 – Updated: 2026-04-27 13:34
    VLAI
    Title
    Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection
    Summary
    A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/359544 vdb-entrytechnical-description
    https://vuldb.com/vuln/359544/cti signaturepermissions-required
    https://vuldb.com/submit/797086 third-party-advisory
    https://github.com/utmost3/cve/issues/2 exploitissue-tracking
    https://www.linksys.com/ product
    Impacted products
    Vendor Product Version
    Linksys MR9600 Affected: 2.0.6.206937
        cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    wuuu (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6992",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-27T13:10:55.443763Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-27T13:34:09.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "JNAP Action Handler"
              ],
              "product": "MR9600",
              "vendor": "Linksys",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.6.206937"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "wuuu (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 8.3,
                "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-25T18:00:20.422Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-359544 | Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/359544"
            },
            {
              "name": "VDB-359544 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/359544/cti"
            },
            {
              "name": "Submit #797086 | Linksys MR9600 Firmware 2.0.6.206937 Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/797086"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/utmost3/cve/issues/2"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.linksys.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-24T21:45:04.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Linksys MR9600 JNAP Action run_central2.sh BTRequestGetSmartConnectStatus os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-6992",
        "datePublished": "2026-04-25T18:00:20.422Z",
        "dateReserved": "2026-04-24T19:39:58.219Z",
        "dateUpdated": "2026-04-27T13:34:09.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4558 (GCVE-0-2026-4558)

    Vulnerability from cvelistv5 – Published: 2026-03-22 17:29 – Updated: 2026-03-23 16:06
    VLAI
    Title
    Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection
    Summary
    A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.352385 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.352385 signaturepermissions-required
    https://vuldb.com/?submit.775036 third-party-advisory
    https://github.com/utmost3/cve/issues/1 exploitissue-tracking
    https://www.linksys.com/ product
    Impacted products
    Vendor Product Version
    Linksys MR9600 Affected: 2.0.6.206937
        cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    wuuu (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4558",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T16:06:42.703555Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-23T16:06:52.992Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:linksys:mr9600_firmware:*:*:*:*:*:*:*:*"
              ],
              "product": "MR9600",
              "vendor": "Linksys",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.6.206937"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "wuuu (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-22T17:29:35.187Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-352385 | Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.352385"
            },
            {
              "name": "VDB-352385 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.352385"
            },
            {
              "name": "Submit #775036 | Linksys MR9600 firmware 2.0.6.206937 OS Command Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.775036"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/utmost3/cve/issues/1"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.linksys.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-21T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-21T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-21T21:52:56.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4558",
        "datePublished": "2026-03-22T17:29:35.187Z",
        "dateReserved": "2026-03-21T20:47:50.172Z",
        "dateUpdated": "2026-03-23T16:06:52.992Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25603 (GCVE-0-2026-25603)

    Vulnerability from cvelistv5 – Published: 2026-02-24 17:14 – Updated: 2026-02-24 18:13
    VLAI
    Title
    Path Traversal vulnerability in Linksys MR9600, Linksys MX4200
    Summary
    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Linksys MR9600 Affected: 1.0.4.205530
    Create a notification for this product.
    Linksys MX4200 Affected: 1.0.13.210200
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "PHYSICAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 6.6,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25603",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-24T18:11:45.463586Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-24T18:13:33.449Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MR9600",
              "vendor": "Linksys",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.4.205530"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MX4200",
              "vendor": "Linksys",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.13.210200"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Linksys MR9600, Linksys MX4200 allows that\u0026nbsp;contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.\u003cp\u003eThis issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.\u003c/p\u003e"
                }
              ],
              "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Linksys MR9600, Linksys MX4200 allows that\u00a0contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-251",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-251 Local Code Inclusion"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-24T17:14:36.141Z",
            "orgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
            "shortName": "ENISA"
          },
          "references": [
            {
              "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-001.txt"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Path Traversal vulnerability in Linksys MR9600, Linksys MX4200",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
        "assignerShortName": "ENISA",
        "cveId": "CVE-2026-25603",
        "datePublished": "2026-02-24T17:14:36.141Z",
        "dateReserved": "2026-02-03T07:24:49.548Z",
        "dateUpdated": "2026-02-24T18:13:33.449Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-24372 (GCVE-0-2022-24372)

    Vulnerability from cvelistv5 – Published: 2022-04-27 17:23 – Updated: 2024-08-03 04:07
    VLAI
    Summary
    Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:07:02.428Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-27T17:23:41.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-24372",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link to the root directory of a NAS SMB share."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/",
                  "refsource": "MISC",
                  "url": "https://www.linksys.com/mesh-routers/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
                },
                {
                  "name": "https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/",
                  "refsource": "MISC",
                  "url": "https://www.linksys.com/de/linksys-dual-band-mesh-wifi-6-router-mr9600/p/p-mr9600/"
                },
                {
                  "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt",
                  "refsource": "MISC",
                  "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-046.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-24372",
        "datePublished": "2022-04-27T17:23:41.000Z",
        "dateReserved": "2022-02-02T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:07:02.428Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }