CVE-2025-9358

Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 versions 1.0.013.001 through 1.2.07.001

Description: A security flaw exists due to a stack-based buffer overflow in the setSysAdm function within the /goform/setSysAdm file. Manipulation of the admpasshint argument can trigger this issue, allowing for remote exploitation. An exploit for this vulnerability has been publicly released. The vendor was notified but did not respond.

Recommendations: Linksys RE6250 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.0.013.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.0.04.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.0.04.002: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.1.05.003: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6500 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 version 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability.