CVE-2025-9481

CWE-119 — Buffer Overflow CWE-121 — Stack-based Buffer Overflow4 documents4 sources

Severity

7.4HIGH

EPSS

0.4%

top 40.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linksys Re6250 Linksys Re6300 Linksys Re6350 +9 more

Timeline

PublishedAug 26

Latest updateAug 28

Description

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function setIpv6 of the file /goform/setIpv6. The manipulation of the argument tunrd_Prefix leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages12 packages

▶CVEListV5linksys/re62505 versions+4

▶CVEListV5linksys/re63005 versions+4

▶CVEListV5linksys/re63505 versions+4

▶CVEListV5linksys/re65005 versions+4

▶CVEListV5linksys/re70005 versions+4

🔴Vulnerability Details

CVEList

Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setIpv6 stack-based overflow↗2025-08-26

▶

GHSA

GHSA-p4rf-jrjg-fmrh: A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1↗2025-08-26

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS Linksys linsetIpv6 tunrd_Prefix Parameter Buffer Overflow Attempt (CVE-2025-9481)↗2025-08-28

▶