CVE-2025-4999

Summary

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub_4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument supplicant_rnd_id_en leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
LinksysFGW3000-AH1.0.0affected
LinksysFGW3000-AH1.0.1affected
LinksysFGW3000-AH1.0.2affected
LinksysFGW3000-AH1.0.3affected
LinksysFGW3000-AH1.0.4affected
LinksysFGW3000-AH1.0.5affected
LinksysFGW3000-AH1.0.6affected
LinksysFGW3000-AH1.0.7affected
LinksysFGW3000-AH1.0.8affected
LinksysFGW3000-AH1.0.9affected
LinksysFGW3000-AH1.0.10affected
LinksysFGW3000-AH1.0.11affected
LinksysFGW3000-AH1.0.12affected
LinksysFGW3000-AH1.0.13affected
LinksysFGW3000-AH1.0.14affected
LinksysFGW3000-AH1.0.15affected
LinksysFGW3000-AH1.0.16affected
LinksysFGW3000-AH1.0.17.000000affected
LinksysFGW3000-HK1.0.0affected
LinksysFGW3000-HK1.0.1affected
LinksysFGW3000-HK1.0.2affected
LinksysFGW3000-HK1.0.3affected
LinksysFGW3000-HK1.0.4affected
LinksysFGW3000-HK1.0.5affected
LinksysFGW3000-HK1.0.6affected
LinksysFGW3000-HK1.0.7affected
LinksysFGW3000-HK1.0.8affected
LinksysFGW3000-HK1.0.9affected
LinksysFGW3000-HK1.0.10affected
LinksysFGW3000-HK1.0.11affected
LinksysFGW3000-HK1.0.12affected
LinksysFGW3000-HK1.0.13affected
LinksysFGW3000-HK1.0.14affected
LinksysFGW3000-HK1.0.15affected
LinksysFGW3000-HK1.0.16affected
LinksysFGW3000-HK1.0.17.000000affected

Weaknesses

  • CWE-77: Command Injection
  • CWE-74: Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References