CNNVD-202508-2885 Information

CNNVD ID

CNNVD-202508-2885

Related CVE

CVE-2025-9393

• CNNVD Published: 2025-08-24

Description (Chinese)

Linksys RE6250等都是美国Linksys公司的一款无线扩展器。 Linksys多款产品存在安全漏洞，该漏洞源于对/goform/addStaProfile文件中参数profile_name/Ssid/wep_key_1/wep_key_2/wep_key_3/wep_key_4/wep_key_length/wep_default_key/cipher/passphrase的错误操作导致栈缓冲区溢出。以下产品及版本受到影响：Linksys RE6250、RE6300、RE6350、RE6500、RE7000和RE9000 1.0.013.001、1.0.04.001、1.0.04.002、1.1.05.003和1.2.07.001版本。

Description (English)

Linksys RE6250, etc., are a wireless extension of the United States company Linksys. There is a safety gap in Linksys ’ multiple products, which stems from an error in the operation of the parameters in the /goform/addStaProfile file program name/Ssid/wep key 1/wep key 2/wep key 3/wep key 4/wep key length/wep default key/cipher/passphrase resulting in the spilling of the buffer zone. The following products and versions were affected: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE90000 1.0.013.001, 1.0.04.001, 1.0.04.002, 1.1.05.003 and 1.2.07.001.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Linksys

Published

2025-08-24

Last Modified

2026-02-24

References

https://www.linksys.com/ https://vuldb.com/?submit.631538 https://vuldb.com/?id.321226 https://vuldb.com/?ctiid.321226 https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_33/33.md#poc https://nvd.nist.gov/vuln/detail/CVE-2025-9393