CVE Catalog
CVE-2025-22904
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.61%
45th percentile - higher than 45% of all known CVEs
Summary
A stack overflow vulnerability was discovered in RE11S v1.11 via the pptpUserName parameter in the setWAN function. This flaw could allow an attacker to execute arbitrary code or cause a denial of service.
Risk Assessment
The risk for the organization includes potential takeover of the network device, leading to network compromise, data leakage, or service disruption.
Recommendation
Immediately update the RE11S firmware to the latest version if a patch is available. If not, restrict access to the device's management interface to trusted networks only.
Original NVD description (English source)
RE11S v1.11 was discovered to contain a stack overflow via the pptpUserName parameter in the setWAN function.

