CVE-2014-3931
Looking Glass Multi-Router Looking Glass (MRLG)
Executive summary
A critical, actively exploited buffer overflow vulnerability in Looking Glass Multi-Router Looking Glass (MRLG) allows an unauthenticated, remote attacker to execute arbitrary code on the affected system.
Vulnerability
The software is affected by a buffer overflow vulnerability. A remote, unauthenticated attacker can send a specially crafted request to the MRLG service, triggering the overflow and leading to arbitrary code execution with the privileges of the application.
Business impact
A successful exploit of this vulnerability would result in a complete compromise of the affected system. This could lead to unauthorized access to sensitive network infrastructure data, system downtime, or the use of the compromised device as a pivot point for further attacks within the network. The assigned CVSS score of 9.5 (Critical) and its inclusion in the CISA KEV catalog underscore the extreme risk and urgency, as this vulnerability is confirmed to be exploited in the wild.
Remediation
Immediate Action: Per CISA's Binding Operational Directive (BOD) 22-01, federal agencies must apply mitigations per vendor instructions or discontinue use of the product by the deadline of July 27, 2025. All organizations are strongly advised to take this action immediately.
Proactive Monitoring: Review system and network logs for unexpected crashes of the MRLG service, anomalous outbound network connections, or the execution of unauthorized processes on the host system.
Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) or Intrusion Prevention System (IPS) with rules to inspect and block malformed requests targeting the MRLG interface.
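The proactive-monitoring step above can be expressed as a simple host-level correlation rule: flag any host where a crash of the MRLG service is followed within a short window by an outbound connection or an unexpected process execution. This is an added example, not code from the advisory or the MRLG project; the process name `mrlg`, the syslog-style line formats and the sample log lines are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

MRLG_PROCESS = "mrlg"            # assumed process name of the MRLG service
WINDOW = timedelta(minutes=5)    # follow-on activity this soon after a crash is suspicious
TRUSTED_EXE_PREFIXES = ("/usr/", "/bin/", "/sbin/")  # assumed allowlist of binary locations

# Constructed sample lines in an assumed "<timestamp> <host> <source>: <message>" format.
SAMPLE_LOGS = """\
2025-07-20T10:00:01 lg1 kernel: mrlg[4212]: segfault at 0 ip 0 sp 0 error 6
2025-07-20T10:00:09 lg1 conntrack: NEW tcp src=10.0.0.5 dst=203.0.113.9 dport=8443 dir=out
2025-07-20T10:00:12 lg1 audit: EXEC pid=4290 exe=/tmp/.x ppid=4212
2025-07-20T11:30:00 lg2 kernel: mrlg[5100]: segfault at 0 ip 0 sp 0 error 4
2025-07-20T16:00:00 lg2 conntrack: NEW tcp src=10.0.0.6 dst=198.51.100.7 dport=443 dir=out
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+): (.*)$")

def classify(line):
    """Map one log line to (timestamp, host, signal), or None if it is not a signal of interest."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, host, source, msg = m.groups()
    when = datetime.fromisoformat(ts)
    if source == "kernel" and "segfault" in msg and msg.startswith(MRLG_PROCESS + "["):
        return when, host, "crash"                 # unexpected crash of the MRLG service
    if source == "conntrack" and "dir=out" in msg:
        return when, host, "outbound"              # new outbound connection from the host
    if source == "audit" and msg.startswith("EXEC"):
        exe = re.search(r"exe=(\S+)", msg)
        if exe and not exe.group(1).startswith(TRUSTED_EXE_PREFIXES):
            return when, host, "unauthorized_exec" # process started from an unexpected path
    return None

def correlate(log_text):
    """Return (host, crash_time, follow-on signals) for each MRLG crash that is followed,
    on the same host and within WINDOW, by outbound traffic or unexpected execution."""
    events = [e for e in map(classify, log_text.splitlines()) if e]
    alerts = []
    for when, host, signal in events:
        if signal != "crash":
            continue
        followers = sorted({s for t, h, s in events
                            if h == host and s != "crash" and when <= t <= when + WINDOW})
        if followers:
            alerts.append((host, when.isoformat(), followers))
    return alerts
```

Run against the constructed sample, only `lg1` is flagged: the `lg2` crash has no follow-on activity inside the five-minute window, which keeps an isolated crash from paging anyone on its own.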
Exploitation status
Public Exploit Available: Yes
Analyst recommendation
Given the critical severity, public availability of exploit code, and confirmed active exploitation, this vulnerability poses a direct and immediate threat to affected organizations. We strongly recommend that all administrators prioritize applying the vendor-supplied mitigations or decommissioning the affected product immediately to prevent system compromise. Compliance with the CISA deadline is mandatory for federal entities and a best practice for all other organizations.