CVE-2025-9251 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 /goform/sta_wps_pin Ssid stack-based overflow

A vulnerability classified as critical has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function sta_wps_pin of the file /goform/sta_wps_pin. Performing manipulation of the argument Ssid results in stack-based buffer overflow.

This vulnerability is identified as CVE-2025-9251. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9251 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 /goform/sta_wps_pin Ssid stack-based overflow

Post correlati

CVE-2024-52430 | Lis Video Gallery Plugin up to 0.2.1 on WordPress deserialization

CVE-2024-10654 | TOTOLINK LR350 up to 9.3.5u.6369 /formLoginAuth.htm authCode authorization

CVE-2025-5207 | SourceCodester Client Database Management System 1.0 superadmin_update_profile.php nickname sql injection

CVE-2023-49077 | Mailcow prior 2023-11 Quarantine UI cross site scripting (GHSA-46×4-w2fm-5x6g)