Linksys

CVE-2026-6992 is a command injection vulnerability in the Linksys MR9600 router that allows remote attackers to execute arbitrary OS commands by manipulating the 'pin' argument in the BTRequestGetSmartConnectStatus function.

A stack buffer overflow vulnerability in Linksys E1200 firmware version 2.0.04 and earlier allows an authenticated attacker to achieve remote code execution by sending a crafted HTTP POST request to the apply.cgi endpoint.