Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-22996

A stored cross-site scripting (XSS) vulnerability in the spf_table_content component of Linksys E5600 Router Ver. 1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the desc parameter.

Published

2025-01-15T00:15:45.053

Last Modified

2025-06-11T15:38:44.620

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linksys	e5600_firmware	1.1.0.26	Yes
Hardware	linksys	e5600	-	No

References

https://github.com/SunnyYANGyaya/firmcrosser/blob/main/Linksys/E5600-2.md Broken Link, Exploit ([email protected])
https://github.com/SunnyYANGyaya/firmcrosser/blob/main/Linksys/E5600-2.md Broken Link, Exploit (134c704f-9b21-4f2e-91b3-4a467353bcc0)