CVE-2025-9249 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 DHCPReserveAddGroup enable_group/name_group/ip_group/mac_group stack-based overflow

A vulnerability marked as critical has been reported in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function DHCPReserveAddGroup of the file /goform/DHCPReserveAddGroup. This manipulation of the argument enable_group/name_group/ip_group/mac_group causes stack-based buffer overflow.

The identification of this vulnerability is CVE-2025-9249. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9249 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 DHCPReserveAddGroup enable_group/name_group/ip_group/mac_group stack-based overflow

Post correlati

CVE-2024-20807 | Samsung Mobile Email prior 6.1.90.16 Intent information disclosure

CVE-2025-7653 | EPay Payments Plugin up to 0.1 on WordPress Shortcode epay cross site scripting

CVE-2024-38780 | Linux Kernel up to 6.9.3 sync_print_obj state issue

CVE-2024-48941 | Syracom Secure Login Plugin up to 3.1.4.5 on Jira /rest access control