Home

Description

EN DE

A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function DisablePasswordAlertRedirect of the file /goform/DisablePasswordAlertRedirect. Executing manipulation of the argument hint can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

In Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 ist eine Schwachstelle entdeckt worden. Davon betroffen ist die Funktion DisablePasswordAlertRedirect der Datei /goform/DisablePasswordAlertRedirect. Dank Manipulation des Arguments hint mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit ist öffentlich verfügbar und könnte genutzt werden.

PUBLISHED Reserved 2025-08-20 | Published 2025-08-20 | Updated 2025-08-21 | Assigner VulDB




HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
HIGH: 8.8CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
9.0AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR

Problem types

Stack-based Buffer Overflow

Memory Corruption

Product status

1.0.013.001
affected

1.0.04.001
affected

1.0.04.002
affected

1.1.05.003
affected

1.2.07.001
affected

1.0.013.001
affected

1.0.04.001
affected

1.0.04.002
affected

1.1.05.003
affected

1.2.07.001
affected

1.0.013.001
affected

1.0.04.001
affected

1.0.04.002
affected

1.1.05.003
affected

1.2.07.001
affected

1.0.013.001
affected

1.0.04.001
affected

1.0.04.002
affected

1.1.05.003
affected

1.2.07.001
affected

1.0.013.001
affected

1.0.04.001
affected

1.0.04.002
affected

1.1.05.003
affected

1.2.07.001
affected

1.0.013.001
affected

1.0.04.001
affected

1.0.04.002
affected

1.1.05.003
affected

1.2.07.001
affected

Timeline

2025-08-20:Advisory disclosed
2025-08-20:VulDB entry created
2025-08-20:VulDB entry last update

Credits

pjqwudi (VulDB User) reporter

References

vuldb.com/?id.320783 (VDB-320783 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 DisablePasswordAlertRedirect stack-based overflow) vdb-entry technical-description

vuldb.com/?ctiid.320783 (VDB-320783 | CTI Indicators (IOB, IOC, IOA)) signature permissions-required

vuldb.com/?submit.631525 (Submit #631525 | Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) Stack-based Buffer Overflow) third-party-advisory

github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_21/21.md exploit

www.linksys.com/ product

cve.org (CVE-2025-9252)

nvd.nist.gov (CVE-2025-9252)

Download JSON