CVE-2025-9526

Exploit

EPSS 0.11%
Published 27.08.2025 12:32:09
Last modified 29.08.2025 16:24:09
Source cna@vuldb.com
Teams watchlist Login
Open Login

A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such manipulation of the argument rm_port leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected products Warnungen 0 Metrics 4 CWE 2 References 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinksys

≫

Product E1700

Version 1.0.0.4.003

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.293

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
cna@vuldb.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cna@vuldb.com	7.4	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
cna@vuldb.com	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

https://www.linksys.com/

https://vuldb.com/?id.321543

https://vuldb.com/?ctiid.321543

https://vuldb.com/?submit.634825

https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_59/59.md

https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_59/59.md#poc

https://nvd.nist.gov/vuln/detail/CVE-2025-9526

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-9526

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-9526

EUVD