HIGHCVE-2026-27850Published Modified CNA ENISA
CVE-2026-27850: Improper verification in Linksys MR9600, Linksys MX4200
Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.
Metrics
- CVSS v3.1
- 7.5
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 2
Affected packages
- Linksys / MR96001.0.4.205530
- Linksys / MX42001.0.13.210200
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NReferences