Recently, radio-frequency (RF) fingerprinting has been proposed for mitigating primary user emulation (PUE) attacks in cognitive radio networks (CRNs). The widespread practical implementation of cognitive radio (CR) is likely to utilise software-defined radios with a low-end (i.e. low-cost) receiver built with inexpensive analogue components. This study experimentally analyses the feasibility of RF fingerprinting for mitigating PUE attacks using low-end software-defined CRs. Seven universal software radio peripherals are used as low-end CR receivers and their resulting performance is analysed for ad hoc and infrastructure CRN scenarios. The performance analysis is performed for the largest known data set of its kind, which consists of 490 000 measurements from seven identical transmitters across eight receivers. It is found that impairments in the front-end of a low-end receiver affects the accuracy of transmitter classification and this accuracy varies across receivers. The results suggest that RF fingerprinting can be effectively used for mitigating PUE attacks in an ad hoc CRN at high receiver signal-to-noise ratio whereas RF fingerprinting is not a practical solution for mitigating PUE attacks in an infrastructure CRN.