CVE-2025-9253

CWE-119Buffer OverflowCWE-121Stack-based Buffer Overflow3 documents3 sources
Severity
7.4HIGH
EPSS
0.3%
top 49.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Linksys Re6250Linksys Re6300Linksys Re6350+9 more
Timeline
PublishedAug 20
Latest updateAug 21

Description

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RP_doSpecifySiteSurvey of the file /goform/RP_doSpecifySiteSurvey. The manipulation of the argument ssidhex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but di

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages12 packages

CVEListV5linksys/re62505 versions+4
CVEListV5linksys/re63005 versions+4
CVEListV5linksys/re63505 versions+4
CVEListV5linksys/re65005 versions+4
CVEListV5linksys/re70005 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-mp4p-c34v-97hv: A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 12025-08-21
CVEList
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_doSpecifySiteSurvey stack-based overflow2025-08-20
CVE-2025-9253 (HIGH CVSS 7.4) | A security vulnerability has been d | cvebase.io