← Back

CVE-2025-8828

nvd nist
Published: Aug 11, 2025Modified: Apr 29, 2026

JSON object

Loading...
2.1
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: CNA (Secondary)

Description

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function ipv6cmd of the file /goform/setIpv6. The manipulation of the argument Ipv6PriDns/Ipv6SecDns/Ipv6StaticGateway/LanIpv6Addr/LanPrefixLen/pppoeUser/pppoePass/pppoeIdleTime/pppoeRedialPeriod/Ipv6in4_PrefixLen/LocalIpv6/RemoteIpv4/LanIPv6_Prefix/LanPrefixLen/ipv6to4Relay/ipv6rdRelay/tunrd_PrefixLen/wan_UseLinkLocal/Ipv6StaticIp/Ipv6PrefixLen leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected (6)

Linksys
6 products
Re6250 Firmware
Re6300 Firmware
Re6350 Firmware
Re7000 Firmware
Re9000 Firmware
Re6500 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Re6250 Firmware
Version 1.0.04.001
Running on/withPlatform Versions
Linksys
Re6250
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Re6300 Firmware
Version 1.2.07.001
Running on/withPlatform Versions
Linksys
Re6300
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Re6350 Firmware
Version 1.0.04.001
Running on/withPlatform Versions
Linksys
Re6350
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Re7000 Firmware
Version 1.1.05.003
Running on/withPlatform Versions
Linksys
Re7000
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Re9000 Firmware
Version 1.0.04.002
Running on/withPlatform Versions
Linksys
Re9000
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Re6500 Firmware
Version 1.0.013.001
Running on/withPlatform Versions
Linksys
Re6500
All versions

Related CWEs

CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (8)

Source: cna@vuldb.com
ExploitThird Party Advisory
Source: cna@vuldb.com
ExploitThird Party Advisory
Source: cna@vuldb.com
Permissions RequiredVDB Entry
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
Source: cna@vuldb.com
Product
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
ExploitThird Party Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
ExploitThird Party Advisory

Timeline

No history available yet.