CVE-2025-6751
BaseFortify
Publication date: 2025-06-27
Last updated on: 2025-06-30
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6751 is a critical buffer overflow vulnerability in the Linksys E8450 router firmware up to version 1.2.00.360516. It occurs in the set_device_language function of the portal.cgi file, where the dut_language parameter is improperly handled. An attacker can send a specially crafted HTTP POST request with malicious JSON data manipulating this parameter, causing a buffer overflow. This overflow allows the attacker to overwrite the return address on the stack and execute arbitrary commands on the device remotely without authentication. [1, 2]
How can this vulnerability impact me? :
Exploitation of this vulnerability can compromise the confidentiality, integrity, and availability of the affected device. An attacker can remotely execute arbitrary commands on the router, potentially taking full control of it. This can lead to unauthorized access, disruption of network services, and further attacks on connected systems. Since no mitigations are currently known and the vendor did not respond, affected devices remain at high risk. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for specially crafted HTTP POST requests targeting the portal.cgi file, specifically those manipulating the dut_language parameter in the set_device_language function. Detection involves inspecting HTTP POST traffic for unusual or oversized dut_language parameters that could trigger the buffer overflow. Since the exploit uses JSON data in the POST request, commands or tools that capture and analyze HTTP POST requests (such as tcpdump, Wireshark, or HTTP proxy logs) can be used. For example, using tcpdump to capture HTTP POST requests to portal.cgi and then filtering for requests containing 'dut_language' in the payload can help identify potential exploit attempts. Specific commands might include: tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep 'portal.cgi' | grep 'dut_language'. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include discontinuing use of the affected Linksys E8450 router firmware versions up to 1.2.00.360516, as no vendor patches or mitigations are currently available. It is recommended to replace the affected device with an alternative product to avoid exploitation. Additionally, network administrators should implement network-level protections such as blocking or filtering HTTP POST requests to portal.cgi from untrusted sources, and monitoring for suspicious traffic patterns targeting this endpoint. Applying network segmentation and restricting remote access to the device can also reduce exposure. [2]