CVE-2025-9528
Published: 27 August 2025
Summary
CVE-2025-9528 is a low-severity Command Injection (CWE-77) vulnerability in Linksys E1700 Firmware. Its CVSS base score is 2.0 (Low).
Operationally, ranked in the top 21.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
A vulnerability identified as CVE-2025-9528 exists in the Linksys E1700 router running firmware version 1.0.0.4.003. It resides in the systemCommand function of the /goform/systemCommand endpoint and stems from improper handling of the command argument, enabling OS command injection. The issue is tracked under CWE-77 and CWE-78, carries a CVSS 4.0 score of 2.0, and can be triggered remotely.
An attacker with high privileges can send a crafted request to the affected endpoint and execute arbitrary operating system commands on the device. Successful exploitation yields limited impacts to confidentiality, integrity, and availability on the target system. The exploit code has been publicly released, although the attack requires authenticated administrative access and does not affect other network segments.
The vendor was notified prior to disclosure but provided no response or patch. Public references consist of proof-of-concept material hosted on GitHub and entries in the VulDB database; no official mitigation guidance or firmware update has been issued.
The associated EPSS score remains low and unchanged at 0.0108, indicating limited observed exploitation interest following publication.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-28866
Vulnerability details
A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been…
more
publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.