CVE-2025-4146

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Affected is the function sub_41940. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Published: May 1, 2025
Updated: May 13, 2025
CVE: CVE-2025-4146
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-119
CWE-120

Affected Software
References

Software	From	Fixed in
netgear / ex6200_firmware	1.0.3.94	1.0.3.94.x

https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_ex6200/Buffer_overflow-sub_41940-smb_host_name/README.md
https://vuldb.com/?ctiid.306678
https://vuldb.com/?id.306678
https://vuldb.com/?submit.560800
https://www.netgear.com/

Vulnerability Database

289,697

CVE-2025-4146