Safety researchers have disclosed three important vulnerabilities within the Netgear EX6200 Wi-Fi vary extender that would enable distant attackers to realize unauthorized entry and steal delicate knowledge.
The failings have an effect on firmware model 1.0.3.94 and have been assigned the CVEs CVE-2025-4148, CVE-2025-4149, and CVE-2025-4150. Regardless of early notification, Netgear has but to answer these stories, leaving customers uncovered.
The Netgear EX6200 is a broadly used system designed to spice up Wi-Fi protection for houses and small companies.
With its reputation comes an elevated safety danger when vulnerabilities emerge-especially after they allow distant code execution or knowledge theft assaults.
The desk under summarizes the important thing details about the three CVEs:
| CVE ID | Affected Product (Model) | CWE Kind | CVSSv3 Rating | Affect |
| CVE-2025-4148 | Netgear EX6200 (1.0.3.94) | CWE-120 (Buffer Overflow), CWE-119 (Reminiscence Corruption) | 8.8 (Excessive) | Distant code execution, knowledge theft |
| CVE-2025-4149 | Netgear EX6200 (1.0.3.94) | CWE-120, CWE-119 | 8.8 (Excessive) | Distant entry, knowledge theft |
| CVE-2025-4150 | Netgear EX6200 (1.0.3.94) | CWE-120, CWE-119 | 8.8 (Excessive) | Distant entry, knowledge theft |
Technical Evaluation
All three vulnerabilities stem from improper dealing with of arguments handed to particular inner features (sub_503FC, sub_54014, and sub_54340).
When an attacker manipulates the host argument, it triggers a buffer overflow-potentially permitting arbitrary code execution, full system compromise, or theft of delicate knowledge transiting by means of or saved on the system.
The failings might be triggered remotely with out consumer interplay, making them particularly harmful for uncovered gadgets, akin to these configured for distant administration or poorly secured behind weak firewalls.
Every CVE is assessed as important with CVSS scores of 8.8 (HIGH) beneath model 3.1, indicating the excessive probability of exploitation and extreme penalties.
The vulnerabilities enable attackers to bypass most safety controls, achieve low-privilege entry, and escalate privileges-potentially taking full management of the system.
- Distant Code Execution: Attackers could execute arbitrary code, set up malware, or pivot into inner networks.
- Knowledge Theft: Delicate data-such as community credentials, passwords, or personal documents-can be exfiltrated.
- Botnet Enlistment: Susceptible gadgets may very well be conscripted into botnets for DDoS campaigns or different malicious exercise.
Netgear was contacted relating to these vulnerabilities however, as of publication, has not issued a patch or advisory. Customers are strongly urged to disable distant administration, limit community entry to the system, and monitor for updates or third-party mitigations.
- Replace Firmware (if a patch turns into obtainable).
- Limit Exterior Entry by disabling distant configuration choices.
- Phase the Community to reduce publicity.
- Monitor System Logs for uncommon or unauthorized exercise.
Till Netgear releases a repair, the EX6200 stays weak. Customers ought to assess their danger, apply mitigating actions, and think about changing or isolating affected gadgets.
Discover this Information Fascinating! Observe us on Google Information, LinkedIn, & X to Get Immediate Updates!
