Vulnerability-Lookup

CNVD-2026-21275

Vulnerability from cnvd - Published: 2026-05-21

Title

Linksys MR9600和Linksys MX4200存在未明漏洞（CNVD-2026-21275）

Description

Linksys MR9600是一款无线路由器。Linksys MX4200是一个网状网络路由器。 Linksys MR9600和Linksys MX4200存在安全漏洞，攻击者可利用该漏洞导致未经授权的网络访问。

Severity

高

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-014.txt

Reference

https://nvd.nist.gov/vuln/detail/CVE-2026-27850

Impacted products

Name
['Linksys mr9600 1.0.4.205530', 'Linksys MX4200 1.0.13.210200']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2026-27850",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2026-27850"
    }
  },
  "description": "Linksys MR9600\u662f\u4e00\u6b3e\u65e0\u7ebf\u8def\u7531\u5668\u3002Linksys MX4200\u662f\u4e00\u4e2a\u7f51\u72b6\u7f51\u7edc\u8def\u7531\u5668\u3002 \n\nLinksys MR9600\u548cLinksys MX4200\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u672a\u7ecf\u6388\u6743\u7684\u7f51\u7edc\u8bbf\u95ee\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-014.txt",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-21275",
  "openTime": "2026-05-21",
  "products": {
    "product": [
      "Linksys mr9600 1.0.4.205530",
      "Linksys MX4200 1.0.13.210200"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2026-27850",
  "serverity": "\u9ad8",
  "submitTime": "2026-03-09",
  "title": "Linksys MR9600\u548cLinksys MX4200\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2026-21275\uff09"
}

CVE-2026-27850 (GCVE-0-2026-27850)

Vulnerability from cvelistv5 – Published: 2026-02-25 16:58 – Updated: 2026-02-25 19:11

Title

Improper verification in Linksys MR9600, Linksys MX4200

Summary

Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

SSVC

Exploitation: poc Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

cwe-940 Improper Verification of Source of a Communication Channel

Assigner

ENISA

References

1 reference

URL	Tags
https://www.syss.de/fileadmin/dokumente/Publikati…	third-party-advisorytechnical-description

Impacted products

2 products

Vendor	Product	Version
Linksys	MR9600	Affected: 1.0.4.205530
Linksys	MX4200	Affected: 1.0.13.210200

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-27850",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-25T19:11:25.500248Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-25T19:11:29.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "MR9600",
          "vendor": "Linksys",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.4.205530"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MX4200",
          "vendor": "Linksys",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.13.210200"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network.\u003cbr\u003e\u003cp\u003eThis issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.\u003c/p\u003e"
            }
          ],
          "value": "Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network.\nThis issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "cwe-940 Improper Verification of Source of a Communication Channel",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-25T16:58:06.450Z",
        "orgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
        "shortName": "ENISA"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory",
            "technical-description"
          ],
          "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-014.txt"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Improper verification in Linksys MR9600, Linksys MX4200",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158",
    "assignerShortName": "ENISA",
    "cveId": "CVE-2026-27850",
    "datePublished": "2026-02-25T16:58:06.450Z",
    "dateReserved": "2026-02-24T07:07:48.974Z",
    "dateUpdated": "2026-02-25T19:11:29.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2026-21275

CVE-2026-27850 (GCVE-0-2026-27850)

Tags

Sightings

Nomenclature