Stack Overflow Vulnerability in RE11S by Edimax
CVE-2025-22916

9.8CRITICAL

Key Information:

Vendor: Edimax
Status: RE11S
Vendor: CVE Published:; 16 January 2025

What is CVE-2025-22916?

The RE11S product version 1.11 developed by Edimax is susceptible to a stack overflow vulnerability that occurs through the pppUserName parameter in the formPPPoESetup function. This flaw can potentially be exploited by attackers to execute arbitrary code, leading to unintended behavior or a complete system compromise. Organizations using this version of RE11S should ensure timely updates and implement necessary security measures to mitigate the risk of exploitation.

References

https://www.edimax.com/edimax/global/

http://re11s.com

https://github.com/xyqer1/RE11S_1.11-formPPPoESetup-Stack...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 16, 2025
Vulnerability Reserved
Jan 9, 2025