CVE-2025-9253

Summary of CVE-2025-9253 (Linksys devices) : A stack-based buffer overflow in the RP_doSpecifySiteSurvey function (file /goform/RP_doSpecifySiteSurvey) is triggered by manipulating the ssidhex argument. Affected devices are Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000, versions 1.0.0...

CVE-2025-9253 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_doSpecifySiteSurvey stack-based overflow

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RPdoSpecifySiteSurvey of the file /goform/RPdoSpecifySiteSurvey. The manipulation of the argument...

CVE-2025-9253 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_doSpecifySiteSurvey stack-based overflow

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RPdoSpecifySiteSurvey of the file /goform/RPdoSpecifySiteSurvey. The manipulation of the argument...

PT-2025-34166 · Linksys · Linksys Re9000 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 versions 1.0.013.001 through 1.2.07.001 Description: A security vulnerability exists in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 devices. The RP doSpecifySiteSurvey...

Linksys多款产品 安全漏洞

Linksys RE6300 and others are products of Linksys, Inc.Linksys RE6300 is a wireless network signal extender.Linksys RE6250 is a wireless extender.Linksys RE6350 is a wireless extender.Linksys RE6350 is a wireless extender.Linksys RE6350 is a wireless extender.Linksys RE6350 is a wireless...

CVE-2025-55708

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through = 10.2.4...

CVE-2025-6790

The Quiz and Survey Master QSM WordPress plugin before 10.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

Metasploit Weekly Wrap-Up 08/15/2025

Don’t forget to take the Metasploit User Engagement Survey! We had an awesome time at DEF CON and Black Hat with our very own zeroSteiner and jheysel-r7 presenting on five different occasions! We announced our user engagement survey there, and would love for all of you to participate until the en...

CVE-2025-55708

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through = 10.2.4...

Malicious code in hw-survey (npm)

The package hw-survey was found to contain malicious code...

MAL-2025-22825 Malicious code in hw-survey (npm)

The package hw-survey was found to contain malicious code...

CVE-2025-55708 WordPress Quiz And Survey Master Plugin <= 10.2.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through = 10.2.4...

CVE-2025-55708 WordPress Quiz And Survey Master Plugin <= 10.2.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExpressTech Systems Quiz And Survey Master allows SQL Injection. This issue affects Quiz And Survey Master: from n/a through 10.2.4...

CVE-2025-55708

CVE-2025-55708 affects the WordPress plugin Quiz And Survey Master (versions up to 10.2.4). Root cause: SQL Injection due to improper neutralization of input in SQL commands. Impact (per CVSS and sources): Confidentiality high, Availability low; Attack Vector: network; Privileges Required: low; U...

CVE-2025-6790

The CVE concerns WordPress plugin Quiz and Survey Master (QSM) versions before 10.2.3. The root cause is lack of CSRF protection when updating plugin settings, which could allow a logged-in admin to have settings modified via CSRF. The vulnerability is identified across multiple sources with a CV...

CVE-2025-6790 QSM < 10.2.3 - Template Creation via CSRF

The Quiz and Survey Master QSM WordPress plugin before 10.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2025-6790 QSM < 10.2.3 - Template Creation via CSRF

The Quiz and Survey Master QSM WordPress plugin before 10.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

WordPress plugin Quiz And Survey Master SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress plugin Quiz and Survey Master 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2025-33396 · Expresstech Systems · Quiz/Survey Master

Name of the Vulnerable Software and Affected Versions: ExpressTech Systems Quiz And Survey Master versions through 10.2.4 Description: The software contains a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows for potential unauthorized...