CVE-2025-9253 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_doSpecifySiteSurvey ssidhex stack-based overflow

A vulnerability, which was classified as critical, has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RP_doSpecifySiteSurvey of the file /goform/RP_doSpecifySiteSurvey. The manipulation of the argument ssidhex leads to stack-based buffer overflow.

This vulnerability is listed as CVE-2025-9253. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9253 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_doSpecifySiteSurvey ssidhex stack-based overflow

Post correlati

CVE-2024-55415 | DevDojo Voyager up to 1.8.0 /admin/compass path traversal

CVE-2023-37325 | D-Link DAP-2622 DDP Set SSID List missing authentication (ZDI-23-1280)

CVE-2024-25640 | dfir-iris iris-web up to 2.3.x cross site scripting (GHSA-2xq6-qc74-w5vp)

CVE-2024-6083 | PHPVibe 11.0.46 Media Upload Page upload-mp3.php file unrestricted upload