CVE-2025-9362 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 urlFilterManageRule urlFilterRuleName/scheduleUrl/addURLFilter stack-based overflow

A vulnerability, which was classified as critical, was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function urlFilterManageRule of the file /goform/urlFilterManageRule. Executing manipulation of the argument urlFilterRuleName/scheduleUrl/addURLFilter can lead to stack-based buffer overflow.

The identification of this vulnerability is CVE-2025-9362. The attack may be launched remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9362 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 urlFilterManageRule urlFilterRuleName/scheduleUrl/addURLFilter stack-based overflow

Post correlati

CVE-2024-26331 | ReCrystallize Server 5.10.0.0 Cookie improper authentication

CVE-2024-32146 | Aspose.cloud Marketplace Aspose.Words Exporter Plugin up to 6.3.1 on WordPress authorization

CVE-2024-36495 | Faronics WINSelect Standard/WINSelect Enterprise prior 8.30.xx.903 WINSelect.wsd default permission

CVE-2024-39300 | Elecom WAB-I1750-PS up to 1.5.10 Telnet missing authentication