CVE-2025-6751 Linksys E8450 HTTP POST Request portal.cgi set_device_language buffer overflow

🗓️ 27 Jun 2025 03:00:15Reported by VulDBType

Critical buffer overflow in Linksys E8450 HTTP POST Request Handler affecting set_device_language function

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the set_device_language() function in the portal.cgi script of Linksys E8450 Wi-Fi router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.	2 Jul 202500:00	–	bdu_fstec
Circl	CVE-2025-6751	27 Jun 202503:51	–	circl
CNNVD	Linksys E8450 安全漏洞	27 Jun 202500:00	–	cnnvd
CVE	CVE-2025-6751	27 Jun 202503:00	–	cve
EUVD	EUVD-2025-28764	3 Oct 202520:07	–	euvd
NVD	CVE-2025-6751	27 Jun 202504:15	–	nvd
Positive Technologies	PT-2025-27044 · Linksys · Linksys E8450	17 Jun 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-6751	29 Jun 202503:27	–	redhatcve
Vulnrichment	CVE-2025-6751 Linksys E8450 HTTP POST Request portal.cgi set_device_language buffer overflow	27 Jun 202503:00	–	vulnrichment

[
  {
    "vendor": "Linksys",
    "product": "E8450",
    "versions": [
      {
        "version": "1.2.00.360516",
        "status": "affected"
      }
    ],
    "modules": [
      "HTTP POST Request Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
linksys	www.linksys.com/
github	www.github.com/CH13hh/tmp_store_cc/blob/main/E8450/1.md
vuldb	www.vuldb.com/
github	www.github.com/CH13hh/tmp_store_cc/blob/main/E8450/1.md

27 Jun 2025 03:00Current

CVSS 48.7

CVSS 3.18.8

CVSS 38.8

CVSS 29

EPSS0.0064