Skip to content
Threat Feed

Vendor

Linksys

1 brief RSS
critical advisory

Linksys MR9600 Command Injection Vulnerability (CVE-2026-6992)

CVE-2026-6992 is a command injection vulnerability in the Linksys MR9600 router that allows remote attackers to execute arbitrary OS commands by manipulating the 'pin' argument in the BTRequestGetSmartConnectStatus function.

MR9600 cve-2026-6992 command-injection router rce
2r 2t 1c