CVE-2025-52080

CWE-121 — Stack-based Buffer Overflow3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.1%

top 74.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netgear Xr300 Firmware

Timeline

PublishedJul 15

Description

In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the share_name parameter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages1 packages

▶NVDnetgear/xr300_firmware1.0.3.38

🔴Vulnerability Details

GHSA

GHSA-25r2-9vcc-j43c: In Netgear XR300 V1↗2025-07-15

▶

CVEList

CVE-2025-52080: In Netgear XR300 V1↗2025-07-15

▶