CVE-2025-25528
Last modified
CVE-2025-25528 is a medium-severity vulnerability rated 5.1/10 on the CVSS scale. Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3.V4300, which are caused by not performing strict length checks on user-controlled data. By successfully exploiting the vulnerabilities, attackers can crash the remote devices or execute arbitrary commands without any authorization verification.. EPSS estimates a 3.69% chance of exploitation in the next 30 days.
Description
Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3.V4300, which are caused by not performing strict length checks on user-controlled data. By successfully exploiting the vulnerabilities, attackers can crash the remote devices or execute arbitrary commands without any authorization verification.
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Wavlink | Wl-Wn575a3 Firmware | rpt75a3.v4300 |
References
- https://gist.github.com/XiaoCurry/87f3a4412c46fa9c27d2f723136920b8Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-25528?
How severe is CVE-2025-25528?
How do I fix CVE-2025-25528?
Are you affected by CVE-2025-25528?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST