CVE-2025-6752

Name of the Vulnerable Software and Affected Versions Linksys WRT1900ACS, EA7200, EA7450, and EA7500 versions up to 20250619

Description A critical vulnerability exists in Linksys routers due to a stack-based buffer overflow. The issue is located in the SetDefaultConnectionService function within the /upnp/control/Layer3Forwarding file of the IGD component. Manipulation of the NewDefaultConnectionService argument can trigger the overflow, allowing for remote exploitation. The exploit for this vulnerability has been publicly disclosed, and the vendor has not responded to reports about the issue.

Recommendations Linksys WRT1900ACS, EA7200, EA7450, and EA7500 versions prior to 20250619 should be updated. As a temporary workaround, consider disabling the UPnP service to minimize the risk of exploitation. Restrict access to the /upnp/control/Layer3Forwarding file to authorized users only.