Sign-up

ID

VAR-202512-0267


CVE

CVE-2025-14136


DESCRIPTION

A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2Repeater_get_wired_clientlist_setClientsName of the file mod_form.so. The manipulation of the argument clientsname_0 results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Trust: 1.0

sources: NVD: CVE-2025-14136

AFFECTED PRODUCTS

vendor:linksysmodel:re7000scope:eqversion:1.1.05.003

Trust: 1.0

vendor:linksysmodel:re6300scope:eqversion:1.2.07.001

Trust: 1.0

vendor:linksysmodel:re6350scope:eqversion:1.0.04.001

Trust: 1.0

vendor:linksysmodel:re9000scope:eqversion:1.0.04.002

Trust: 1.0

vendor:linksysmodel:re6250scope:eqversion:1.0.04.001

Trust: 1.0

vendor:linksysmodel:re6500scope:eqversion:1.0.013.001

Trust: 1.0

sources: NVD: CVE-2025-14136

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-14136
value: HIGH

Trust: 1.0

cna@vuldb.com: CVE-2025-14136
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

cna@vuldb.com: CVE-2025-14136
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2025-14136

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-121

Trust: 1.0

sources: NVD: CVE-2025-14136

EXTERNAL IDS

db:VULDBid:334525

Trust: 1.0

db:NVDid:CVE-2025-14136

Trust: 1.0

sources: NVD: CVE-2025-14136

REFERENCES

url:https://www.linksys.com/

Trust: 1.0

url:https://vuldb.com/?ctiid.334525

Trust: 1.0

url:https://vuldb.com/?id.334525

Trust: 1.0

url:https://vuldb.com/?submit.697983

Trust: 1.0

url:https://github.com/wudipjq/my_vuln/blob/main/linksys2/vuln_65/65.md#poc

Trust: 1.0

url:https://github.com/wudipjq/my_vuln/blob/main/linksys2/vuln_65/65.md

Trust: 1.0

sources: NVD: CVE-2025-14136

SOURCES

db:NVDid:CVE-2025-14136

LAST UPDATE DATE

2025-12-19T22:49:40.078000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2025-14136date:2025-12-10T18:00:03.980

SOURCES RELEASE DATE

db:NVDid:CVE-2025-14136date:2025-12-06T13:15:59.820