CVE-2025-6751 | Linksys E8450 up to 1.2.00.360516 HTTP POST Request portal.cgi set_device_language dut_language buffer overflow

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function set_device_language of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dut_language leads to buffer overflow.

This vulnerability is uniquely identified as CVE-2025-6751. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More