
CVE-2025-6565 – Netgear WNCE3001 HTTP POST Request http_d stack-based overflow
https://notcve.org/view.php?id=CVE-2025-6565
24 Jun 2025 — A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. • https://github.com/xiaobor123/vul-finds/tree/main/vul-find-wnce3001-netgear • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVE-2025-6511 – Netgear EX6150 sub_410090 stack-based overflow
https://notcve.org/view.php?id=CVE-2025-6511
23 Jun 2025 — A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46_1.0.76. This affects the function sub_410090. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/xiaobor123/vul-finds/tree/main/vul-find-ex6150-netgear • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVE-2025-6510 – Netgear EX6100 sub_415EF8 stack-based overflow
https://notcve.org/view.php?id=CVE-2025-6510
23 Jun 2025 — A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affected by this issue is the function sub_415EF8. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. • https://github.com/xiaobor123/vul-finds/tree/main/vul-find-ex6100-netgear • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVE-2025-5934 – Netgear EX3700 mtd sub_41619C stack-based overflow
https://notcve.org/view.php?id=CVE-2025-5934
10 Jun 2025 — A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub_41619C of the file /mtd. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. • https://github.com/xiaobor123/vul-finds/tree/main/vul-find-ex3700-netgear • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVE-2025-5495 – Netgear WNR614 URL improper authentication
https://notcve.org/view.php?id=CVE-2025-5495
03 Jun 2025 — A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of the component URL Handler. The manipulation with the input %00currentsetting.htm leads to improper authentication. It is possible to initiate the attack remotely. • https://github.com/Shuanunio/CVE_Requests/blob/main/Netgear/WNR614/ACL%20bypass%20Vulnerability%20in%20Netgear%20WNR614.md • CWE-287: Improper Authentication •

CVE-2025-4980 – Netgear DGND3700 mini_http currentsetting.htm information disclosure
https://notcve.org/view.php?id=CVE-2025-4980
20 May 2025 — A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. This vulnerability affects unknown code of the file /currentsetting.htm of the component mini_http. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/at0de/my_vulns/blob/main/Netgear/DGND3700v2/currentsetting.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVE-2025-4978 – Netgear DGND3700 Basic Authentication BRS_top.html improper authentication
https://notcve.org/view.php?id=CVE-2025-4978
20 May 2025 — A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1.00.15NA. This affects an unknown part of the file /BRS_top.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/at0de/my_vulns/blob/main/Netgear/DGND3700v2/backdoor.md • CWE-287: Improper Authentication •

CVE-2025-4977 – Netgear DGND3700 BRS_top.html information disclosure
https://notcve.org/view.php?id=CVE-2025-4977
20 May 2025 — A vulnerability, which was classified as problematic, has been found in Netgear DGND3700 1.1.00.15_1.00.15NA. Affected by this issue is some unknown functionality of the file /BRS_top.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/at0de/my_vulns/blob/main/Netgear/DGND3700v2/BRS_top.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVE-2025-4150 – Netgear EX6200 sub_54340 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4150
01 May 2025 — A vulnerability was found in Netgear EX6200 1.0.3.94. It has been declared as critical. This vulnerability affects the function sub_54340. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_ex6200/Buffer_overflow-sub_54340-gui_region/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2025-4149 – Netgear EX6200 sub_54014 buffer overflow
https://notcve.org/view.php?id=CVE-2025-4149
01 May 2025 — A vulnerability was found in Netgear EX6200 1.0.3.94. It has been classified as critical. This affects the function sub_54014. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. • https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_ex6200/Buffer_overflow-sub_54014-gui_region/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •