CVE-2025-9482 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 portRangeForwardAdd ruleName/schedule/inboundFilter/TCPPorts/UDPPorts stack-based overflow

A vulnerability described as critical has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function portRangeForwardAdd of the file /goform/portRangeForwardAdd. The manipulation of the argument ruleName/schedule/inboundFilter/TCPPorts/UDPPorts results in stack-based buffer overflow.

This vulnerability is identified as CVE-2025-9482. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9482 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 portRangeForwardAdd ruleName/schedule/inboundFilter/TCPPorts/UDPPorts stack-based overflow

Post correlati

CVE-2022-49666 | Linux Kernel up to 5.15.52/5.18.9 virt_addr_valid high_memory Privilege Escalation

CVE-2024-31812 | Totolink EX200 4.0.3c.7646_B20201211 getWiFiExtenderConfig information disclosure

CVE-2024-9789 | LyLme_spage 1.9.5 /admin/apply.php id sql injection

CVE-2025-2087 | StarSea99 starsea-mall 1.0 /admin/goods/update goodsName cross site scripting