CVE-2025-14134

Name of the Vulnerable Software and Affected Versions Linksys RE6500 versions 1.0.013.001 through 1.2.07.001 Linksys RE6250 versions 1.0.013.001 through 1.2.07.001 Linksys RE6300 versions 1.0.013.001 through 1.2.07.001 Linksys RE6350 versions 1.0.013.001 through 1.2.07.001 Linksys RE7000 versions 1.0.013.001 through 1.2.07.001 Linksys RE9000 versions 1.0.013.001 through 1.2.07.001

Description A stack-based buffer overflow exists in the RE2000v2Repeater get wireless clientlist setClientsName function within the mod form.so file. Manipulation of the clientsname 0 argument can trigger this issue, allowing for remote exploitation. The vulnerability has been publicly disclosed.

Recommendations Linksys RE6500 versions 1.0.013.001 through 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6250 versions 1.0.013.001 through 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6300 versions 1.0.013.001 through 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE6350 versions 1.0.013.001 through 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE7000 versions 1.0.013.001 through 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Linksys RE9000 versions 1.0.013.001 through 1.2.07.001: At the moment, there is no information about a newer version that contains a fix for this vulnerability.