Buffer Overflow Vulnerability in Linksys E8450 Router by Linksys
CVE-2025-6751

8.7HIGH

Key Information:

Vendor

Linksys
Status
E8450
Vendor
CVE Published:
27 June 2025

What is CVE-2025-6751?

A buffer overflow vulnerability has been identified in the HTTP POST request handler of Linksys E8450 routers, specifically within the set_device_language function of the portal.cgi file. An attacker could manipulate the 'dut_language' argument, potentially leading to execution of arbitrary code. This vulnerability allows for remote exploitation, posing significant security concerns. The details have been disclosed publicly, and the lack of timely acknowledgment from the vendor amplifies the urgency for users to apply available mitigations or updates.

Affected Version(s)

E8450 1.2.00.360516

References

https://vuldb.com/?id.314049
vdb-entrytechnical-description
https://vuldb.com/?ctiid.314049
signaturepermissions-required
https://vuldb.com/?submit.598217
third-party-advisory

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

CH13hh (VulDB User)
.
CVE-2025-6751 : Buffer Overflow Vulnerability in Linksys E8450 Router by Linksys