CVE-2025-45488
Published: 06 May 2025
Summary
CVE-2025-45488 is a critical-severity Command Injection (CWE-77) vulnerability in Linksys E5600 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 6.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
Linksys E5600 firmware version 1.1.0.26 contains a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter. The issue, tracked as CVE-2025-45488 and mapped to CWE-77, stems from insufficient input validation that permits arbitrary command execution when the parameter is processed.
The flaw is remotely exploitable without authentication or user interaction over the network, as reflected in its CVSS 3.1 score of 9.8. An attacker who supplies a crafted mailex value can achieve full control over the device, resulting in impacts to confidentiality, integrity, and availability.
Public proof-of-concept materials, including an exploit script and technical write-up, have been published on GitHub. The associated EPSS score has remained flat at 0.1068 with no material rise after disclosure. No official vendor advisory or patch information appears in the available references.
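The root cause described above is the classic CWE-77 pattern: an attacker-controlled parameter is spliced into an OS command line without validation. The following C snippet is an added illustration of how a firmware DDNS handler can avoid that class of bug; it is not the Linksys code and does not reproduce the actual vulnerable function. The function names, the `/usr/sbin/ddns-notify` path, the `--mail` flag and the length limit are all assumptions chosen for the example. It contrasts the unsafe "format into a shell string" pattern with a hardened path that allowlist-validates the address and passes it as a discrete argv element, so no shell ever interprets it.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit for the example; not taken from the Linksys firmware. */
#define DDNS_MAIL_MAX 128

/* Strict allowlist for a DDNS notification address: exactly one '@',
 * a non-empty local part of [A-Za-z0-9._+-], a non-empty domain of
 * [A-Za-z0-9.-], bounded length. Shell metacharacters, whitespace and
 * control bytes are rejected before the value reaches any command. */
bool ddns_mail_is_safe(const char *mail)
{
    if (mail == NULL) return false;
    size_t len = strlen(mail);
    if (len == 0 || len > DDNS_MAIL_MAX) return false;

    const char *at = strchr(mail, '@');
    if (at == NULL || at == mail || at[1] == '\0') return false;
    if (strchr(at + 1, '@') != NULL) return false;   /* only one '@' */

    for (const char *p = mail; p < at; p++) {
        unsigned char c = (unsigned char)*p;
        if (!(isalnum(c) || c == '.' || c == '_' || c == '+' || c == '-'))
            return false;
    }
    for (const char *p = at + 1; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (!(isalnum(c) || c == '.' || c == '-'))
            return false;
    }
    return true;
}

/* Unsafe pattern (CWE-77), shown only for contrast: the untrusted value is
 * formatted straight into a command line that would later go to a shell.
 * Any metacharacter in `mail` changes what the shell executes. */
int build_notify_cmd_unsafe(char *out, size_t outsz, const char *mail)
{
    int n = snprintf(out, outsz, "/usr/sbin/ddns-notify --mail %s", mail);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

/* Hardened pattern: validate first, then hand the value to execvp-style
 * argv as its own element, so it is never parsed by a shell.
 * Returns the number of argv entries (excluding the NULL), or -1 on rejection. */
int build_notify_argv(const char *mail, const char *argv[], size_t argv_cap)
{
    if (argv_cap < 4 || !ddns_mail_is_safe(mail)) return -1;
    argv[0] = "/usr/sbin/ddns-notify";   /* assumed helper path */
    argv[1] = "--mail";
    argv[2] = mail;
    argv[3] = NULL;
    return 3;
}

int main(void)
{
    const char *argv[4];
    const char *good = "admin@example.com";        /* constructed sample */
    const char *bad  = "admin@example.com;ls";     /* constructed sample */
    printf("%-24s -> %d\n", good, build_notify_argv(good, argv, 4));
    printf("%-24s -> %d\n", bad,  build_notify_argv(bad,  argv, 4));
    return 0;
}
```

The key design point is that validation alone is a second line of defence; the primary fix is never letting a shell parse user data. Building an argv vector and calling an exec-family function removes the interpreter from the path entirely, so even a value that slips past the allowlist cannot spawn extra commands.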
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-13615
Vulnerability details
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter.
- CWE(s): CWE-77 (Command Injection)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.