CVE-2025-4141

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. This affects the function sub_3C03C. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Published: May 1, 2025
Updated: May 13, 2025
CVE: CVE-2025-4141
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-119
CWE-120

Affected Software
References

Software	From	Fixed in
netgear / ex6200_firmware	1.0.3.94	1.0.3.94.x

https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_ex6200/Buffer_overflow-sub_3C03C-bpa_server/README.md
https://vuldb.com/?ctiid.306633
https://vuldb.com/?id.306633
https://vuldb.com/?submit.560789
https://www.netgear.com/

Vulnerability Database

289,697

CVE-2025-4141