CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4141 – Netgear EX6200 sub_3C03C buffer overflow
https://notcve.org/view.php?id=CVE-2025-4141
30 Apr 2025 — A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. This affects the function sub_3C03C. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_ex6200/Buffer_overflow-sub_3C03C-bpa_server/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4140 – Netgear EX6120 sub_30394 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4140
30 Apr 2025 — A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Affected by this issue is the function sub_30394. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_ex6200/Buffer_overflow-sub_30394-wifi_2g_onoff_sche/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4139 – Netgear EX6120 fwAcosCgiInbound buffer overflow
https://notcve.org/view.php?id=CVE-2025-4139
30 Apr 2025 — A vulnerability classified as critical was found in Netgear EX6120 1.0.0.68. Affected by this vulnerability is the function fwAcosCgiInbound. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_ex6120/Buffer_overflow-fwAcosCgiInbound-port_end/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 1%CPEs: 10EXPL: 0CVE-2025-4135 – Netgear WG302v2 ui_get_input_value command injection
https://notcve.org/view.php?id=CVE-2025-4135
30 Apr 2025 — A vulnerability was found in Netgear WG302v2 up to 5.2.9 and classified as critical. Affected by this issue is the function ui_get_input_value. The manipulation of the argument host leads to command injection. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_WG302v2/Command_injection-basic_settings_handler-static-ip-update/README.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4122 – Netgear JWNR2000v2 sub_435E04 command injection
https://notcve.org/view.php?id=CVE-2025-4122
30 Apr 2025 — A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected by this issue is the function sub_435E04. The manipulation of the argument host leads to command injection. The attack may be launched remotely. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_JWNR2000v2/Command_injection-sub_435E04-auth_mac/README.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4121 – Netgear JWNR2000v2 cmd_wireless command injection
https://notcve.org/view.php?id=CVE-2025-4121
30 Apr 2025 — A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmd_wireless. The manipulation of the argument host leads to command injection. The attack can be launched remotely. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_JWNR2000v2/Command_injection-cmd_wireless-port_phy_set/README.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4120 – Netgear JWNR2000v2 sub_4238E8 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4120
30 Apr 2025 — A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been classified as critical. Affected is the function sub_4238E8. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_JWNR2000v2/Buffer_overflow-sub_4238E8-log_type/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4117 – Netgear JWNR2000v2 sub_41A914 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4117
30 Apr 2025 — A vulnerability, which was classified as critical, was found in Netgear JWNR2000v2 1.0.0.11. This affects the function sub_41A914. The manipulation of the argument host leads to buffer overflow. The vendor was contacted early about this disclosure but did not respond in any way. Es wurde eine kritische Schwachstelle in Netgear JWNR2000v2 1.0.0.11 gefunden. • https://vuldb.com/?id.306597 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4116 – Netgear JWNR2000v2 get_cur_lang_ver buffer overflow
https://notcve.org/view.php?id=CVE-2025-4116
30 Apr 2025 — A vulnerability, which was classified as critical, has been found in Netgear JWNR2000v2 1.0.0.11. Affected by this issue is the function get_cur_lang_ver. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. • https://vuldb.com/?id.306596 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4115 – Netgear JWNR2000v2 default_version_is_new buffer overflow
https://notcve.org/view.php?id=CVE-2025-4115
30 Apr 2025 — A vulnerability classified as critical was found in Netgear JWNR2000v2 1.0.0.11. Affected by this vulnerability is the function default_version_is_new. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. • https://vuldb.com/?id.306595 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •