Primary

Context

Linksys Extenders Stack-Based Buffer Overflow Vulnerability

Vulnerability

A stack-based buffer overflow vulnerability has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 extenders running specific firmware versions. The vulnerability arises in the 'RP_doSpecifySiteSurvey' function, where the 'ssidhex' parameter is not properly validated, allowing remote attackers to overwrite the stack and potentially execute arbitrary code. This issue has been publicly disclosed and is actively exploitable.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, allowing for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/goform/RP_doSpecifySiteSurvey' with a crafted 'ssidhex' parameter. The payload should be sufficiently long to overflow the buffer, causing the device to crash and disrupt its normal functioning.

Added: Aug 20, 2025, 11:19 PM

Updated: Aug 20, 2025, 11:19 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linksys Extenders Stack-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Linksys RE6500

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating