CVE-2025-4120Improper Restriction of Operations within the Bounds of a Memory Buffer in Netgear Jwnr2000v2

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-120Classic Buffer Overflow3 documents3 sources
Severity
8.7HIGHNVD
EPSS
1.2%
top 20.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Netgear Jwnr2000v2Netgear Jwnr2000v2 Firmware
Timeline
PublishedApr 30

Description

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been classified as critical. Affected is the function sub_4238E8. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5netgear/jwnr2000v21.0.0.11

🔴Vulnerability Details

2
CVEList
Netgear JWNR2000v2 sub_4238E8 buffer overflow2025-04-30
GHSA
GHSA-q66q-qwxm-vgrg: A vulnerability was found in Netgear JWNR2000v2 12025-04-30
CVE-2025-4120 — Netgear Jwnr2000v2 vulnerability | cvebase