Overview
CVE-2025-9246 is a critical vulnerability found in several models of Linksys wireless range extenders. This flaw exposes the devices to the risk of a stack-based buffer overflow attack, which can be executed remotely. The affected devices include Linksys models RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000. This vulnerability is of significant importance because of the potential for system compromise and data leakage. The vendor, Linksys, has been contacted about the issue but has yet to respond or provide a patch.
Vulnerability Summary
CVE ID: CVE-2025-9246
Severity: Critical (CVSS 8.8)
Attack Vector: Remote
Privileges Required: None
User Interaction: None
Impact: Potential system compromise or data leakage
Affected Products
Share secrets securely
Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.
Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.
- • Encrypted identity
- • Private Spaces for organizations and teams
- • End-to-end encrypted chat, calls, files, and notes
- • Sensitive AI work and protected collaboration
- • Built for information that cannot leak
Our mission is to secure human work alongside AI.
Product | Affected Versions
Linksys RE6250 | 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001
Linksys RE6300 | 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001
Linksys RE6350 | 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001
Linksys RE6500 | 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001
Linksys RE7000 | 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001
Linksys RE9000 | 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001
How the Exploit Works
The vulnerability lies in the function “check_port_conflict” of the file “/goform/check_port_conflict. The manipulation of the argument “single_port_rule/port_range_rule” can lead to a stack-based buffer overflow. Buffer overflow occurs when more data is put into a buffer than it can handle, causing an overflow of data into adjacent storage. This overflow can overwrite other data or cause the executing program to crash, potentially leading to execution of arbitrary code or complete system compromise.
Conceptual Example Code
POST /goform/check_port_conflict HTTP/1.1
Host: target.example.com
Content-Type: application/x-www-form-urlencoded
single_port_rule=1&port_range_rule=%sIn the above example, `%s` represents a string of characters that is longer than what the buffer in the “check_port_conflict” function can handle. This causes a buffer overflow, potentially allowing the attacker to execute arbitrary code or compromise the entire system.
Mitigation Guidance
In the absence of a patch from the vendor, it is recommended to use a Web Application Firewall (WAF) or Intrusion Detection System (IDS) to detect and prevent any attempts to exploit this vulnerability. Monitor network traffic for any unusual activity and ensure that all devices are running the latest firmware version.