CVE-2025-5000

Summary

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function control_panel_sw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
LinksysFGW3000-AH1.0.0affected
LinksysFGW3000-AH1.0.1affected
LinksysFGW3000-AH1.0.2affected
LinksysFGW3000-AH1.0.3affected
LinksysFGW3000-AH1.0.4affected
LinksysFGW3000-AH1.0.5affected
LinksysFGW3000-AH1.0.6affected
LinksysFGW3000-AH1.0.7affected
LinksysFGW3000-AH1.0.8affected
LinksysFGW3000-AH1.0.9affected
LinksysFGW3000-AH1.0.10affected
LinksysFGW3000-AH1.0.11affected
LinksysFGW3000-AH1.0.12affected
LinksysFGW3000-AH1.0.13affected
LinksysFGW3000-AH1.0.14affected
LinksysFGW3000-AH1.0.15affected
LinksysFGW3000-AH1.0.16affected
LinksysFGW3000-AH1.0.17.000000affected
LinksysFGW3000-HK1.0.0affected
LinksysFGW3000-HK1.0.1affected
LinksysFGW3000-HK1.0.2affected
LinksysFGW3000-HK1.0.3affected
LinksysFGW3000-HK1.0.4affected
LinksysFGW3000-HK1.0.5affected
LinksysFGW3000-HK1.0.6affected
LinksysFGW3000-HK1.0.7affected
LinksysFGW3000-HK1.0.8affected
LinksysFGW3000-HK1.0.9affected
LinksysFGW3000-HK1.0.10affected
LinksysFGW3000-HK1.0.11affected
LinksysFGW3000-HK1.0.12affected
LinksysFGW3000-HK1.0.13affected
LinksysFGW3000-HK1.0.14affected
LinksysFGW3000-HK1.0.15affected
LinksysFGW3000-HK1.0.16affected
LinksysFGW3000-HK1.0.17.000000affected

Weaknesses

  • CWE-77: Command Injection
  • CWE-74: Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References