| Titel | Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) Stack-based Buffer Overflow |
|---|
| Beschreibung | We found an stack overflow vulnerability in Linksys router with firmware which was released recently, allows remote attackers to crash the server.In the router's portRangeForwardAdd function, ruleName、schedule、inboundFilter、TCPPorts、UDPPorts is directly passed by the attacker, If this part of the data is too long, it will cause the stack overflow, so we can control the ruleName、schedule、inboundFilter、TCPPorts、UDPPorts to execute arbitrary code. |
|---|
| Quelle | ⚠️ https://github.com/wudipjq/my_vuln/blob/main/Linksys/vuln_36/36.md |
|---|
| Benutzer | Bond_yes (UID 89043) |
|---|
| Einreichung | 14.08.2025 18:23 (vor 10 Monaten) |
|---|
| Moderieren | 26.08.2025 09:35 (12 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 321397 [Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 bis 1.2.07.001 portRangeForwardAdd ruleName/schedule/inboundFilter/TCPPorts/UDPPorts Pufferüberlauf] |
|---|
| Punkte | 20 |
|---|