CVE-2025-9355

Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 versions 1.0.013.001 through 1.2.07.001

Description: A stack-based buffer overflow exists in the scheduleAdd function within the /goform/scheduleAdd file. Manipulation of the ruleName argument can trigger this issue, allowing for remote exploitation. The exploit has been made public.

Recommendations: Linksys RE6250 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability.