CVE-2025-4146Improper Restriction of Operations within the Bounds of a Memory Buffer in Netgear Ex6200

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-120Classic Buffer Overflow3 documents3 sources
Severity
8.7HIGHNVD
EPSS
1.2%
top 20.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Netgear Ex6200Netgear Ex6200 Firmware
Timeline
PublishedMay 1

Description

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Affected is the function sub_41940. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5netgear/ex62001.0.3.94

🔴Vulnerability Details

2
GHSA
GHSA-wx5q-27xg-gppc: A vulnerability, which was classified as critical, was found in Netgear EX6200 12025-05-01
CVEList
Netgear EX6200 sub_41940 buffer overflow2025-05-01
CVE-2025-4146 — Netgear Ex6200 vulnerability | cvebase