Linksys E5600 V1.1.0.26 Command Injection Vulnerability

CRITICAL (9.8) No Patch

Threat Intelligence

Low Risk

🔍 Detection Tools: None available in major open-source tools

⚔️ Exploit Availability: No public exploits found

What is it?

The Linksys E5600 is a wireless router model that uses the DDNS (Dynamic DNS) feature to update its IP address. The vulnerability, CVE-2025-29229, allows an attacker to inject malicious commands into the DDNS status function, potentially leading to unauthorized access and control over the router.

Am I affected?

You're affected if you use Linksys E5600 V1.1.0.26. This is a specific firmware version, so check your router's documentation or contact Linksys support to confirm your exact model and version.

Affected Products

Linksys / E5600

How to fix

To fix this vulnerability:

Immediately update to the latest firmware available from Linksys: https://www.linksys.com/support/product/e5600
If you can't upgrade immediately:
1. Set the ddnsStatus parameter to false in your router's configuration.
2. Disable the DDNS feature altogether.

References

github.com