Primary

Context

Linksys RE6250, RE6300, RE6350, RE6500, RE7000, RE9000 Stack-Based Buffer Overflow Vulnerability

Vulnerability

A stack-based buffer overflow vulnerability has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 routers, all running specific firmware versions. The vulnerability arises in the 'setSysAdm' function of the '/goform/setSysAdm' file, where the 'admpasshint' parameter is manipulated, leading to a stack overflow. This flaw allows remote attackers to crash the router, disrupting its services. The vulnerability has been publicly disclosed, and an exploit is available.

Impact

Exploitation of this vulnerability causes the router to crash, disrupting its normal functions and services.

Reproduction

To reproduce this vulnerability, send a POST request to '/goform/setSysAdm' with the 'admpasshint' parameter containing a long string. The router will crash as a result of the stack overflow.

Added: Aug 23, 2025, 8:17 AM

Updated: Aug 23, 2025, 8:17 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

5.8

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

5.8

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linksys RE6250, RE6300, RE6350, RE6500, RE7000, RE9000 Stack-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Linksys RE6500

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating