VDB-321059 · CVE-2025-9356 · GCVE-100-321059

Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 /goform/inboundFilterAdd ruleName ବଫର୍ ଓଭରଫ୍ଲୋ

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 keessatti argameera. Miidhamni argame is hojii inboundFilterAdd faayilii /goform/inboundFilterAdd keessa. Wanti jijjiirame irratti ruleName gara ବଫର୍ ଓଭରଫ୍ଲୋ geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-121 si geessa. Odeeffannoon kun yeroo 08/22/2025 maxxanfameera. Odeeffannoon kun buufachuuf github.com irratti argama. Dogoggorri kun CVE-2025-9356 jedhamee waamama. Weerara fageenya irraa jalqabuu ni danda'ama. Ibsa teeknikaa ni jira. Waan dabalataa ta’een, meeshaa balaa kana fayyadamuuf ni jira. Qorannoo miidhaa (exploit) uummataaf ifa taasifameera, kanaafis fayyadamuu ni danda'ama. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ ta’uu isaa ibsameera. Exploit github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

2 ଆଡାପ୍ଟେସନ୍ · 89 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 08/22/2025 05:45 PM	ଅଦ୍ୟତନ 1/1 09/03/2025 03:21 AM
software_vendor	Linksys	Linksys
software_name	RE6250/RE6300/RE6350/RE6500/RE7000/RE9000	RE6250/RE6300/RE6350/RE6500/RE7000/RE9000
software_version	1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001	1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001
software_file	/goform/inboundFilterAdd	/goform/inboundFilterAdd
software_function	inboundFilterAdd	inboundFilterAdd
software_argument	ruleName	ruleName
vulnerability_cwe	CWE-121 (ବଫର୍ ଓଭରଫ୍ଲୋ)	CWE-121 (ବଫର୍ ଓଭରଫ୍ଲୋ)
vulnerability_risk	2	2
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	H	H
cvss3_vuldb_i	H	H
cvss3_vuldb_a	H	H
cvss3_vuldb_e	P	P
cvss3_vuldb_rc	R	R
advisory_url	https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_24/24.md	https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_24/24.md
exploit_availability	1	1
exploit_publicity	1	1
exploit_url	https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_24/24.md#poc	https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_24/24.md#poc
source_cve	CVE-2025-9356	CVE-2025-9356
cna_responsible	VulDB	VulDB
response_summary	The vendor was contacted early about this disclosure but did not respond in any way.	The vendor was contacted early about this disclosure but did not respond in any way.
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_ci	C	C
cvss2_vuldb_ii	C	C
cvss2_vuldb_ai	C	C
cvss2_vuldb_e	POC	POC
cvss2_vuldb_rc	UR	UR
cvss4_vuldb_av	N	N
cvss4_vuldb_ac	L	L
cvss4_vuldb_ui	N	N
cvss4_vuldb_vc	H	H
cvss4_vuldb_vi	H	H
cvss4_vuldb_va	H	H
cvss4_vuldb_e	P	P
cvss2_vuldb_au	S	S
cvss2_vuldb_rl	ND	ND
cvss3_vuldb_pr	L	L
cvss3_vuldb_rl	X	X
cvss4_vuldb_at	N	N
cvss4_vuldb_pr	L	L
cvss4_vuldb_sc	N	N
cvss4_vuldb_si	N	N
cvss4_vuldb_sa	N	N
cvss2_vuldb_basescore	9.0	9.0
cvss2_vuldb_tempscore	7.7	7.7
cvss3_vuldb_basescore	8.8	8.8
cvss3_vuldb_tempscore	8.0	8.0
cvss3_meta_basescore	8.8	8.8
cvss3_meta_tempscore	8.0	8.4
cvss4_vuldb_bscore	8.7	8.7
cvss4_vuldb_btscore	7.4	7.4
advisory_date	1755813600 (08/22/2025)	1755813600 (08/22/2025)
price_0day	$0-$5k	$0-$5k
cve_nvd_summary		A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function inboundFilterAdd of the file /goform/inboundFilterAdd. Executing manipulation of the argument ruleName can lead to stack-based buffer overflow. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
cve_nvd_summaryes		Se detectó una vulnerabilidad en Linksys RE6250, RE6300, RE6350, RE6500, RE7000 y RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. La función inboundFilterAdd del archivo /goform/inboundFilterAdd se ve afectada. La manipulación del argumento ruleName puede provocar un desbordamiento del búfer en la pila. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado. Se contactó al proveedor con antelación para informarle sobre esta divulgación, pero no respondió.
cvss4_cna_av		N
cvss4_cna_ac		L
cvss4_cna_at		N
cvss4_cna_pr		L
cvss4_cna_ui		N
cvss4_cna_vc		H
cvss4_cna_vi		H
cvss4_cna_va		H
cvss4_cna_sc		N
cvss4_cna_si		N
cvss4_cna_sa		N
cvss4_cna_bscore		8.7
cvss3_cna_av		N
cvss3_cna_ac		L
cvss3_cna_pr		L
cvss3_cna_ui		N
cvss3_cna_s		U
cvss3_cna_c		H
cvss3_cna_i		H
cvss3_cna_a		H
cvss3_cna_basescore		8.8
cvss2_cna_av		N
cvss2_cna_ac		L
cvss2_cna_au		S
cvss2_cna_ci		C
cvss2_cna_ii		C
cvss2_cna_ai		C
cvss2_cna_basescore		9

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you know our Splunk app?

Download it now for free!