Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2025
CVE-2025-27128
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-08-11
CVE-2025-27536
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-08-11
CVE-2025-26690
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-08-11
CVE-2025-24844
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-08-11
CVE-2025-24925
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-08-11
CVE-2025-25212
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-08-11
CVE-2025-25278
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-08-11
CVE-2025-24298
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-08-11
CVE-2025-8825
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function RP_setBasicAuto of the file /goform/RP_setBasicAuto. The manipulation of the argument staticIp/staticNetmask leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
2.1
EPSS Score
0.007
Published
2025-08-11
CVE-2025-8826
A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function um_rp_autochannel of the file /goform/RP_setBasicAuto. The manipulation of the argument apcli_AuthMode_2G/apcli_AuthMode_5G leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
7.4
EPSS Score
0.003
Published
2025-08-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved