CVE-2025-14133

CVE-2025-14133 is a stack-based buffer overflow vulnerability affecting the function AP_get_wireless_clientlist_setClientsName in the mod_form.so file on Linksys Wi-Fi range extenders, specifically models RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000 running firmware versions 1.0.013.001, 1.0.04.001, 1.0.04.002, 1.1.05.003, or 1.2.07.001. The issue stems from improper handling of the clientsname_0 argument, as classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-121 (Stack-based Buffer Overflow), and CWE-787 (Out-of-bounds Write). It carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for remote exploitation.

Attackers with low privileges (PR:L), such as authenticated users on the network, can exploit this remotely over the network (AV:N) with low complexity and no user interaction required. Successful exploitation allows arbitrary code execution, potentially granting high-impact confidentiality, integrity, and availability compromises, including full device takeover, data theft, or further network pivoting from the compromised range extender.

VulDB advisories and referenced GitHub repositories detail a publicly available proof-of-concept exploit but note no vendor response despite early disclosure contact; no patches, mitigations, or official advisories from Linksys are mentioned. Security practitioners should isolate affected devices, monitor for anomalous traffic to wireless client list endpoints, and consider firmware downgrade or replacement with unsupported models until updates emerge.

The exploit POC has been disclosed publicly via GitHub, increasing the risk of widespread abuse, though no confirmed real-world exploitation in the wild is reported.