CVE-2025-54401
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-07

Last updated on: 2025-11-03

Assigner: Talos

Description
Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` request parameter.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-07
Last Modified
2025-11-03
Generated
2026-05-06
AI Q&A
2025-10-07
EPSS Evaluated
2026-05-05
NVD
CVE-2025-54401
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
planet wgr-500_firmware 1.3411b190912
planet wgr-500 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves multiple stack-based buffer overflow issues in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. An attacker can exploit these by sending a specially crafted series of HTTP requests, particularly manipulating the 'submit-url' request parameter, which leads to a stack-based buffer overflow.


How can this vulnerability impact me? :

The vulnerability can lead to severe impacts including high confidentiality, integrity, and availability risks. An attacker with low privileges can remotely exploit this vulnerability to execute arbitrary code or cause a denial of service, potentially compromising the affected device and network.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart