Router Risk: New FreeBSD Flaw Exploits IPv6 to Grant Remote Code Execution
A newly discovered vulnerability in FreeBSD components responsible for IPv6 configuration allows an attacker on the same local network to remotely execute arbitrary code on a target system. The flaw affects all supported versions of the operating system and requires immediate remediation to secure affected devices.
The vulnerability resides in the utilities rtsold and rtsol, which process router advertisement messages as part of IPv6 address autoconfiguration. These programs were found to inadequately validate a parameter containing domain suffixes within such messages, passing it unchecked to resolvconf, the utility tasked with updating DNS configuration.
Crucially, resolvconf is implemented as a shell script and does not sanitize its input. The lack of proper escaping means that any malicious payload embedded in the domain list parameter can be executed by the system. As a result, an attacker within the same subnet can run commands on the target device without administrative privileges or prior interaction.
According to the FreeBSD developers, the issue is confined to the local network, as router advertisement messages are not routed beyond network segments. Nevertheless, it affects all systems that rely on IPv6 autoconfiguration—specifically interfaces with the ACCEPT_RTADV flag enabled, which can be verified using ifconfig.
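The ifconfig check mentioned above, as an added example that is not part of the original article or of FreeBSD's own tooling: it reads `ifconfig` output and lists the interfaces whose `nd6 options` line carries ACCEPT_RTADV. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: report interfaces that accept IPv6 router advertisements.
# rtadv_interfaces reads FreeBSD `ifconfig` output on stdin and prints one
# interface name per line when its nd6 options include ACCEPT_RTADV.
rtadv_interfaces() {
    awk '
        # An interface block starts at column 0, e.g. "em0: flags=8863<...>"
        /^[A-Za-z0-9_.]+: flags=/ {
            iface = $1
            sub(/:$/, "", iface)
            next
        }
        # Indented line such as "nd6 options=23<PERFORMNUD,ACCEPT_RTADV,...>"
        /^[ \t]+nd6 options=/ {
            flags = $0
            sub(/^[^<]*</, "", flags)   # drop everything up to "<"
            sub(/>.*$/, "", flags)      # drop ">" and anything after it
            n = split(flags, f, ",")
            # Compare whole tokens so a longer flag name cannot match by accident
            for (i = 1; i <= n; i++)
                if (f[i] == "ACCEPT_RTADV") print iface
        }
    '
}

# Constructed sample of `ifconfig` output so the check can be tried offline.
sample_ifconfig() {
    cat <<'EOF'
em0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	ether 00:00:5e:00:53:01
	inet6 fe80::200:5eff:fe00:5301%em0 prefixlen 64 scopeid 0x1
	nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
em1: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	ether 00:00:5e:00:53:02
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	ether 00:00:5e:00:53:03
	nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	inet6 ::1 prefixlen 128
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
EOF
}

# Demo on the constructed sample; on a real host run: ifconfig | rtadv_interfaces
sample_ifconfig | rtadv_interfaces
```

An empty result on a real host means no interface currently accepts router advertisements; any name printed is an interface to prioritize for the update.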
Users who do not utilize IPv6 are not exposed to this risk. In all other cases, an urgent system update is strongly advised. Patches are already available for all supported FreeBSD branches, including versions 15.0, 14.3, and 13.5. Updates can be applied either through the built-in binary update mechanism or by incorporating the fixes directly from source.
The vulnerability has been assigned the identifier CVE-2025-14558. Fixes were published on December 16, 2025, and have been incorporated into both the stable and release branches of FreeBSD.