CVE-2026-27850
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linksys | MR9600 | 1.0.4.205530 | affected |
| Linksys | MX4200 | 1.0.13.210200 | affected |
Weaknesses
- cwe-940 Improper Verification of Source of a Communication Channel
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.