CVE-2025-9482

CWE-119Buffer OverflowCWE-121Stack-based Buffer Overflow4 documents4 sources
Severity
7.4HIGH
EPSS
0.5%
top 35.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Linksys Re6250Linksys Re6300Linksys Re6350+9 more
Timeline
PublishedAug 26
Latest updateAug 28

Description

A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function portRangeForwardAdd of the file /goform/portRangeForwardAdd. The manipulation of the argument ruleName/schedule/inboundFilter/TCPPorts/UDPPorts results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did no

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages12 packages

CVEListV5linksys/re62505 versions+4
CVEListV5linksys/re63005 versions+4
CVEListV5linksys/re63505 versions+4
CVEListV5linksys/re65005 versions+4
CVEListV5linksys/re70005 versions+4

🔴Vulnerability Details

2
CVEList
Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 portRangeForwardAdd stack-based overflow2025-08-26
GHSA
GHSA-f8g8-q5gh-fw99: A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 12025-08-26

🔍Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS Linksys portRangeForwardAdd Multiple Parameters Buffer Overflow Attempt (CVE-2025-9482)2025-08-28
CVE-2025-9482 (HIGH CVSS 7.4) | A vulnerability was detected in Lin | cvebase.io