CVE-2025-25527

EPSS 0.06%
Veröffentlicht 11.02.2025 20:15:38
Zuletzt bearbeitet 13.08.2025 14:07:57
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Buffer overflow vulnerability in Ruijie RG-NBR2600S Gateway 10.3(4b12) due to the lack of length verification, which is related to the configuration of source address NAT rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ruijie ≫ Rg-nbr2600s Firmware Version10.3(4b12)

Ruijie ≫ Rg-nbr2600s Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.181

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.1	2.5	2.5	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://gist.github.com/XiaoCurry/354620285280aca98acba94a9c5fffb6

Broken Link

https://nvd.nist.gov/vuln/detail/CVE-2025-25527

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-25527

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-25527

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-25527