What is CVE-2014-125122?

CVE-2014-125122 is a vulnerability in Linksys Wrt120n, classified under Stack-based Buffer Overflow. Published 2025-07-31.

Is CVE-2014-125122 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Linksys Wrt120n

CVE-2014-125122

A stack-based buffer overflow vulnerability exists in the tmUnblock.cgi endpoint of the Linksys WRT120N wireless router. The vulnerability is triggered by sending a specially crafted HTTP POST request with an overly long TM_Block_URL param…

Vulnerability class: Buffer Overflow

EPSS: 0.517 (98.0th percentile) — read the EPSS interpretation.

Affected products

Linksys Wrt120n — versions 1.0.07

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

Public proof-of-concept exploits

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/… (exploit)
www.exploit-db.com/exploits/31758 (exploit)
web.archive.org/web/20210424073058/http://www.devttys0.com/2014/02/wrt120n-fpri… (technical-description, exploit)
www.vulncheck.com/advisories/linksys-wrt120n-stack-based-buffer-overflow-admin-… (third-party-advisory)

Frequently asked questions

What is CVE-2014-125122?: CVE-2014-125122 is a vulnerability in Linksys Wrt120n, classified under Stack-based Buffer Overflow. Published 2025-07-31.
Is CVE-2014-125122 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.