CVE-2026-25603 – Path Traversal vulnerability in Linksys MR9600, Linksys MX4200

CVE ID : CVE-2026-25603

Published : Feb. 24, 2026, 6:29 p.m. | 37 minutes ago

Description : Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Linksys MR9600, Linksys MX4200 allows that contents of a USB drive partition can be mounted in an arbitrary location of the file system. This may result in the execution of shell scripts in the context of a root user.This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…