What is CVE-2025-34037?

CVE-2025-34037 is a vulnerability in Linksys E1000 V1, classified under OS Command Injection. Published 2025-06-24.

Is CVE-2025-34037 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Linksys E1000 V1

CVE-2025-34037

An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the tt…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.893 (99.6th percentile) — read the EPSS interpretation.

Affected products

Linksys E1000 V1 — versions 0
Linksys E1200 V1 — versions 0
Linksys E1500 V1 — versions 0
Linksys E1550 — versions 0
Linksys E2000 — versions 0
Linksys E2100l V1 — versions 0
Linksys E2500 V1/v2 — versions 0
Linksys E3000 — versions 0
Linksys E3200 — versions 0
Linksys E4200 — versions 0

Weakness classification (CWE)

CWE-78 — OS Command Injection

Public proof-of-concept exploits

References

isc.sans.edu/diary/17633 (technical-description)
www.exploit-db.com/exploits/31683 (third-party-advisory, exploit)
vulncheck.com/advisories/linksys-routers-command-injection (third-party-advisory)

Frequently asked questions

What is CVE-2025-34037?: CVE-2025-34037 is a vulnerability in Linksys E1000 V1, classified under OS Command Injection. Published 2025-06-24.
Is CVE-2025-34037 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.