CVE-2025-9362 – Linksys Router Stack-Based Buffer Overflow Vulnerability

August 23, 2025

CVE ID : CVE-2025-9362

Published : Aug. 23, 2025, 2:15 p.m. | 12 hours, 22 minutes ago

Description : A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function urlFilterManageRule of the file /goform/urlFilterManageRule. Executing manipulation of the argument urlFilterRuleName/scheduleUrl/addURLFilter can lead to stack-based buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-36157 – IBM Jazz Foundation Unauthorized File Update Vulnerability

Next Article CVE-2025-9363 – Linksys Wi-Fi Router Stack-Based Buffer Overflow Vulnerability

Highlights

CVE-2025-53836 – XWiki Rendering Macro Execution Bypass

July 15, 2025

CVE ID : CVE-2025-53836

Published : July 15, 2025, 12:15 a.m. | 2 hours, 14 minutes ago

Description : XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn’t preserve the restricted attribute of the transformation context when executing nested macros. This allows executing macros that are normally forbidden in restricted mode, in particular script macros. The cache and chart macros that are bundled in XWiki use the vulnerable feature. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. To avoid the exploitation of this bug, comments can be disabled for untrusted users until an upgrade to a patched version has been performed. Note that users with edit rights will still be able to add comments via the object editor even if comments have been disabled.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

KB5058499 finally makes Windows 11 24H2 stable for gaming, and it wasn’t Nvidia’s fault

May 29, 2025

Get a ‘Legion Go S’ alternative to the Steam Deck for $499.99 with Windows — Honestly, it should have launched at this price anyway

August 15, 2025

CVE-2025-5961 – NGINX WordPress Plugin WPvivid Backup & Migration Arbitrary File Upload Vulnerability

July 3, 2025

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Xbox Game Pass gets Gears of War: Reloaded, Dragon Age: The Veilguard, and more — here’s what is coming through the rest of August

Resident Evil ‘9’ Requiem has some of the most incredible lighting I’ve seen in a game — and Capcom uses it as a weapon

CVE-2025-9362 – Linksys Router Stack-Based Buffer Overflow Vulnerability

Blue Locker ransomware hits critical infrastructure – is your organisation ready?

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

CVE-2025-37993 – Linux Kernel: CAN: Uninitialized Spin Lock in m_can_class_allocate_dev

CVE-2025-5881 – Code-projects Chat System SQL Injection Vulnerability

CVE-2025-32964 – ManageWiki Extension Privilege Escalation Vulnerability

CVE-2025-7857 – “PHPGurukul Apartment Visitors Management System Cross Site Scripting Vulnerability”

CVE-2025-53836 – XWiki Rendering Macro Execution Bypass

KB5058499 finally makes Windows 11 24H2 stable for gaming, and it wasn’t Nvidia’s fault

Get a ‘Legion Go S’ alternative to the Steam Deck for $499.99 with Windows — Honestly, it should have launched at this price anyway

CVE-2025-5961 – NGINX WordPress Plugin WPvivid Backup & Migration Arbitrary File Upload Vulnerability

CVE-2025-9362 – Linksys Router Stack-Based Buffer Overflow Vulnerability

Related Posts