Risky Cryptographic Algorithm Vulnerability in Linksys E5600 Firmware
CVE-2025-9146

7.5HIGH

Key Information:

Vendor

Linksys
Status
E5600
Vendor
CVE Published:
19 August 2025

What is CVE-2025-9146?

A vulnerability exists in the Linksys E5600 firmware version 1.1.0.26, specifically in the verify_gemtek_header function of the checkFw.sh script within the Firmware Handler. This flaw could allow for the exploitation of a weak or risky cryptographic algorithm through remote manipulation. Exploiting this vulnerability requires advanced technical knowledge, making it a complex threat. Despite early notification, the vendor has not provided any response regarding this issue, highlighting the importance of immediate security assessments for users.

Affected Version(s)

E5600 1.1.0.26

References

https://vuldb.com/?id.320525
vdb-entrytechnical-description
https://vuldb.com/?ctiid.320525
signaturepermissions-required
https://vuldb.com/?submit.628642
third-party-advisory

CVSS V4

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

IOT_Res (VulDB User)
.