Skip to main content

Ex6200 Firmware CVE-2023-38926

HIGH
Classic Buffer Overflow (CWE-120)
2023-08-07 cve@mitre.org
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 07, 2023 - 19:15 nvd
HIGH 8.8

DescriptionNVD

Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set.

AnalysisAI

Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set. Affected products include: Netgear Ex6200 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

CVE-2025-4147 HIGH POC
8.7 May 01

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), th

CVE-2025-4146 HIGH POC
8.7 May 01

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7),

CVE-2025-4145 HIGH POC
8.7 May 01

A vulnerability, which was classified as critical, has been found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS

CVE-2025-4142 HIGH POC
8.7 Apr 30

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), th

CVE-2025-4141 HIGH POC
8.7 Apr 30

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7),

CVE-2025-4150 HIGH POC
8.7 May 01

A vulnerability was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exp

CVE-2025-4149 HIGH POC
8.7 May 01

A vulnerability was found in Netgear EX6200 1.0.3.94. Rated high severity (CVSS 8.7), this vulnerability is remotely exp

CVE-2025-4148 HIGH POC
8.7 May 01

A vulnerability was found in Netgear EX6200 1.0.3.94 and classified as critical. Rated high severity (CVSS 8.7), this vu

CVE-2022-24655 HIGH POC
7.8 Mar 18

A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0

CVE-2020-35796 CRITICAL
9.8 Dec 30

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS

CVE-2023-38925 HIGH
8.8 Aug 07

Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_p

CVE-2020-35787 HIGH
8.0 Dec 30

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.0), this

Share

CVE-2023-38926 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy