CVE-2025-4150

CWE-119 — Buffer Overflow CWE-120 — Classic Buffer Overflow CWE-416 — Use After Free4 documents4 sources

Severity

8.7HIGH

EPSS

0.5%

top 32.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netgear Ex6200 Netgear Ex6200 Firmware

Timeline

PublishedMay 1

Description

A vulnerability was found in Netgear EX6200 1.0.3.94. It has been declared as critical. This vulnerability affects the function sub_54340. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5netgear/ex62001.0.3.94

▶NVDnetgear/ex6200_firmware1.0.3.94

🔴Vulnerability Details

CVEList

Netgear EX6200 sub_54340 buffer overflow↗2025-05-01

▶

GHSA

GHSA-vv97-g4jh-67w7: A vulnerability was found in Netgear EX6200 1↗2025-05-01

▶

📋Vendor Advisories

Microsoft

A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue resu↗2022-03-08

▶