CVE-2025-4148

CWE-119 — Buffer Overflow CWE-120 — Classic Buffer Overflow CWE-3544 documents4 sources

Severity

8.7HIGH

EPSS

0.5%

top 32.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netgear Ex6200 Netgear Ex6200 Firmware

Timeline

PublishedMay 1

Description

A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Affected by this issue is the function sub_503FC. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5netgear/ex62001.0.3.94

▶NVDnetgear/ex6200_firmware1.0.3.94

🔴Vulnerability Details

CVEList

Netgear EX6200 sub_503FC buffer overflow↗2025-05-01

▶

GHSA

GHSA-fq8g-w74w-m345: A vulnerability was found in Netgear EX6200 1↗2025-05-01

▶

📋Vendor Advisories

Microsoft

A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of servic↗2022-03-08

▶