ByteOS Network

NVD Vulnerability Details :

CVE-2025-8819

Analyzed

Source-cna@vuldb.com

Published At-10 Aug, 2025 | 23:15

Updated At-04 Sep, 2025 | 18:40

A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function setWan of the file /goform/setWan. The manipulation of the argument staticIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	7.4	HIGH	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	2.0	9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C

Type: Secondary

Version: 4.0

Base score: 7.4

Base severity: HIGH

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 2.0

Base score: 9.0

Base severity: HIGH

Vector:

AV:N/AC:L/Au:S/C:C/I:C/A:C

CPE Matches

Linksys Holdings, Inc.

>>re6250_firmware>>1.0.04.001

cpe:2.3:o:linksys:re6250_firmware:1.0.04.001:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re6250>>-

cpe:2.3:h:linksys:re6250:-:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re6300_firmware>>1.2.07.001

cpe:2.3:o:linksys:re6300_firmware:1.2.07.001:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re6300>>-

cpe:2.3:h:linksys:re6300:-:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re6350_firmware>>1.0.04.001

cpe:2.3:o:linksys:re6350_firmware:1.0.04.001:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re6350>>-

cpe:2.3:h:linksys:re6350:-:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re7000_firmware>>1.1.05.003

cpe:2.3:o:linksys:re7000_firmware:1.1.05.003:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re7000>>-

cpe:2.3:h:linksys:re7000:-:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re9000_firmware>>1.0.04.002

cpe:2.3:o:linksys:re9000_firmware:1.0.04.002:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re9000>>-

cpe:2.3:h:linksys:re9000:-:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re6500_firmware>>1.0.013.001

cpe:2.3:o:linksys:re6500_firmware:1.0.013.001:*:*:*:*:*:*:*

Linksys Holdings, Inc.

>>re6500>>-

cpe:2.3:h:linksys:re6500:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Secondary	cna@vuldb.com
CWE-121	Secondary	cna@vuldb.com

CWE ID: CWE-119

Type: Secondary

Source: cna@vuldb.com

CWE ID: CWE-121

Type: Secondary

Source: cna@vuldb.com

References

Hyperlink	Source	Resource
https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_53/53.md	cna@vuldb.com	Exploit Third Party Advisory
https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_53/53.md#poc	cna@vuldb.com	Exploit Third Party Advisory
https://vuldb.com/?ctiid.319353	cna@vuldb.com	Permissions Required VDB Entry
https://vuldb.com/?id.319353	cna@vuldb.com	Third Party Advisory VDB Entry
https://vuldb.com/?submit.626683	cna@vuldb.com	Third Party Advisory VDB Entry
https://www.linksys.com/	cna@vuldb.com	Product
https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_53/53.md	134c704f-9b21-4f2e-91b3-4a467353bcc0	Exploit Third Party Advisory
https://github.com/wudipjq/my_vuln/blob/main/Linksys1/vuln_53/53.md#poc	134c704f-9b21-4f2e-91b3-4a467353bcc0	Exploit Third Party Advisory