CVE-2025-9146
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-19

Last updated on: 2025-09-12

Assigner: VulDB

Description
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-19
Last Modified
2025-09-12
Generated
2026-05-07
AI Q&A
2025-08-19
EPSS Evaluated
2026-05-05
NVD
CVE-2025-9146
EUVD
EUVD-2025-28817
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linksys e5600_firmware 1.1.0.26
linksys e5600 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-310 Cryptographic Issues
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-9146 is a vulnerability in the Linksys E5600 router firmware version 1.1.0.26. It involves the use of a broken or risky cryptographic algorithm in the function verify_gemtek_header() within the checkFw.sh script. Specifically, the firmware uses a cyclic redundancy check (CRC) to verify firmware integrity, which is insecure in this context. An attacker can craft a malicious firmware image that has the same CRC value as a legitimate one, bypassing the integrity check. This allows for arbitrary code execution or denial of service on the device. [1, 2]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing a remote attacker, who can overcome a high complexity authentication requirement, to upload malicious firmware to your Linksys E5600 router. This can lead to arbitrary code execution or denial of service, compromising the confidentiality, integrity, and availability of your device. Since no fixes or mitigations are currently available and the vendor has not responded, the affected device remains at risk. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying if the device is running Linksys E5600 router firmware version 1.1.0.26 and checking for the presence of the vulnerable function verify_gemtek_header in the checkFw.sh script. Since the vulnerability involves the use of a weak CRC algorithm during firmware verification, detection may involve verifying the firmware version and inspecting the firmware update process. Specific commands are not provided in the available resources. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include considering replacing the affected Linksys E5600 router running firmware version 1.1.0.26, as no fixes or countermeasures are currently available and the vendor has not responded. Limiting remote access to the device and monitoring for suspicious firmware update attempts may help reduce risk, but no official patches or workarounds exist. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart