CVE-2026-25603

Name of the Vulnerable Software and Affected Versions Linksys MR9600 version 1.0.4.205530 Linksys MX4200 version 1.0.13.210200

Description A path traversal issue exists in Linksys MR9600 and MX4200 devices. This allows the contents of a USB drive partition to be mounted in an arbitrary location within the file system. Successful exploitation may lead to the execution of shell scripts with root privileges.

Recommendations Linksys MR9600 version 1.0.4.205530: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys MX4200 version 1.0.13.210200: At the moment, there is no information about a newer version that contains a fix for this vulnerability.