CVE-2025-62526
OpenWrt ubusd vulnerable to heap buffer overflow
Description
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to corrupt the heap and potentially execute arbitrary code in the context of the ubus daemon. Because the affected code is executed before the ACL checks run, all ubus clients are able to send such messages. In addition to the heap corruption, the crafted subscription also results in a bypass of the listen ACL. This is fixed in OpenWrt 24.10.4. There are no workarounds.
INFO
Published Date: Oct. 22, 2025, 3:16 p.m.
Last Modified: Oct. 22, 2025, 9:12 p.m.
Remotely Exploitable: No
Source: [email protected]
CVSS Scores
| Version | Severity | Vector | Source |
|---|---|---|---|
| CVSS 3.1 | HIGH | AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H | [email protected] |
Solution
- Update OpenWrt to version 24.10.4 or later.
- Ensure ubusd is updated to the patched version.
- Reboot affected devices after the update.
References to Advisories, Solutions, and Tools
The fix commits, the GitHub security advisory and the OpenWrt advisory for CVE-2025-62526 are recorded in the vulnerability history table at the end of this page.
CWE - Common Weakness Enumeration
While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2025-62526 is associated with the following CWE:
- CWE-122: Heap-based Buffer Overflow
The following table lists the changes that have been made to the CVE-2025-62526 record over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- New CVE Received by [email protected] on Oct. 22, 2025

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Description | | OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to corrupt the heap and potentially execute arbitrary code in the context of the ubus daemon. Because the affected code is executed before the ACL checks run, all ubus clients are able to send such messages. In addition to the heap corruption, the crafted subscription also results in a bypass of the listen ACL. This is fixed in OpenWrt 24.10.4. There are no workarounds. |
| Added | CVSS V3.1 | | AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H |
| Added | CWE | | CWE-122 |
| Added | Reference | | https://github.com/openwrt/openwrt/commit/4b907e69ea58fc0ba35fd1755dc4ba22262af3a4 |
| Added | Reference | | https://github.com/openwrt/openwrt/commit/a7901969932a175cded3c93bdeb65f32ed3705e6 |
| Added | Reference | | https://github.com/openwrt/openwrt/security/advisories/GHSA-cp32-65v4-cp73 |
| Added | Reference | | https://github.com/openwrt/ubus/commit/60e04048a0e2f3e33651c19e62861b41be4c290f |
| Added | Reference | | https://github.com/openwrt/ubus/commit/aa4a7ee1d3417bc11207ad0a78d579ece7fe0c13 |
| Added | Reference | | https://github.com/openwrt/ubus/commit/d31effb4277bd557f5ccf16d909422718c1e49d0 |
| Added | Reference | | https://openwrt.org/advisory/2025-10-22-1 |