Multiple Netgear Ex6200 Firmware Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-4140 CVSS:8.8

A vulnerability classified as critical has been found in Netgear Ex6200 firmware. It affects the function sub_30394. Manipulating the argument host leads to a buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4141 CVSS:8.8

A vulnerability classified as critical was found in Netgear Ex6200 firmware. It affects the function sub_3C03C. Manipulating the argument host leads to a buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4142 CVSS:8.8

A vulnerability classified as critical has been found in Netgear Ex6200 firmware. It affects the function sub_3C8EC. Manipulating the argument host leads to a buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4149 CVSS:8.8

A vulnerability classified as critical was found in Netgear Ex6200 firmware. It affects the function sub_54014. Manipulating the argument host leads to a buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4148 CVSS:8.8

A vulnerability was found in Netgear Ex6200 firmware. It affects the function sub_503FC. Manipulating the argument host leads to a buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4146 CVSS:8.8

A vulnerability classified as critical was found in Netgear Ex6200 firmware. It affects the function sub_41940. Manipulating the argument host leads to a buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4147 CVSS:8.8

A vulnerability classified as critical has been found in Netgear Ex6200 firmware. It affects the function sub_47F7C. Manipulating the argument host leads to a buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Impact

  • Buffer Overflow
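
All seven entries describe the same bug class: a request-supplied host value overflowing a buffer. The page does not show the firmware code, so the following is an added example (not Netgear's code) of the general defence: validate and bound the host value before copying it into a fixed-size buffer. The function name copy_host and the limits used are assumptions for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define HOST_MAX  253  /* longest DNS name in text form */
#define LABEL_MAX 63   /* longest single DNS label */

/* Hypothetical helper: validate a request-supplied host value and copy it
 * into dst (capacity dst_len). Returns 0 on success, -1 on rejection.
 * dst is never written past dst_len and is always NUL-terminated. */
int copy_host(char *dst, size_t dst_len, const char *src)
{
    size_t n, i, label = 0;

    if (dst == NULL || dst_len == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;

    /* Bounded length scan: stop after HOST_MAX + 1 bytes at most. */
    for (n = 0; n <= HOST_MAX && src[n] != '\0'; n++)
        ;
    if (n == 0 || n > HOST_MAX || n >= dst_len)
        return -1;                      /* empty, too long, or will not fit */

    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c == '.') {
            /* reject empty labels and labels ending in '-' */
            if (label == 0 || src[i - 1] == '-')
                return -1;
            label = 0;
        } else if (isalnum(c) || c == '-') {
            if (c == '-' && label == 0) /* label must not start with '-' */
                return -1;
            if (++label > LABEL_MAX)
                return -1;
        } else {
            return -1;                  /* spaces, metacharacters, etc. */
        }
    }
    if (label == 0 || src[n - 1] == '-')
        return -1;                      /* trailing dot or hyphen */

    memcpy(dst, src, n);                /* n < dst_len checked above */
    dst[n] = '\0';
    return 0;
}
```

The size check happens before any byte is written, so an oversized or malformed value is rejected rather than truncated or copied.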

Indicators of Compromise

CVE

  • CVE-2025-4140

  • CVE-2025-4141

  • CVE-2025-4142

  • CVE-2025-4149

  • CVE-2025-4148

  • CVE-2025-4147

  • CVE-2025-4146

Affected Vendors

  • NETGEAR

Affected Products

  • Netgear Ex6200 Firmware - 1.0.3.94

Remediation

Refer to the NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.