216.73.217.98

CVE-2025-14136

· Published 06/12/2025 13:15 · Modified 10/12/2025 18:00

Labels: CVE-2025-14136 2025-12-06CVE-2025-14136CWE-119CWE-787[email protected]

Essential information

Published
06/12/2025 13:15
Modified
10/12/2025 18:00
Author
Creator
CVSS
7.4 HIGH (v3) 7.4 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2Repeater_get_wired_clientlist_setClientsName of the file mod_form.so. The manipulation of the argument clientsname_0 results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
linksys / re6500 firmware cpe:2.3:o:linksys:re6500_firmware:1.0.013.001:*:*:*:*:*:*:*
linksys / re6500 cpe:2.3:h:linksys:re6500:-:*:*:*:*:*:*:*
linksys / re6250 firmware cpe:2.3:o:linksys:re6250_firmware:1.0.04.001:*:*:*:*:*:*:*
linksys / re6250 cpe:2.3:h:linksys:re6250:-:*:*:*:*:*:*:*
linksys / re6300 firmware cpe:2.3:o:linksys:re6300_firmware:1.2.07.001:*:*:*:*:*:*:*
linksys / re6300 cpe:2.3:h:linksys:re6300:-:*:*:*:*:*:*:*
linksys / re6350 firmware cpe:2.3:o:linksys:re6350_firmware:1.0.04.001:*:*:*:*:*:*:*
linksys / re6350 cpe:2.3:h:linksys:re6350:-:*:*:*:*:*:*:*
linksys / re7000 firmware cpe:2.3:o:linksys:re7000_firmware:1.1.05.003:*:*:*:*:*:*:*
linksys / re7000 cpe:2.3:h:linksys:re7000:-:*:*:*:*:*:*:*
linksys / re9000 firmware cpe:2.3:o:linksys:re9000_firmware:1.0.04.002:*:*:*:*:*:*:*
linksys / re9000 cpe:2.3:h:linksys:re9000:-:*:*:*:*:*:*:*

References