Skip to main content

Netgear CVE-2025-6565

| EUVDEUVD-2025-19007 HIGH
Buffer Overflow (CWE-119)
2025-06-24 cna@vuldb.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 15, 2026 - 22:36 euvd
EUVD-2025-19007
Analysis Generated
Mar 15, 2026 - 22:36 vuln.today
PoC Detected
Jun 26, 2025 - 18:58 vuln.today
Public exploit code
CVE Published
Jun 24, 2025 - 13:15 nvd
HIGH 8.8

DescriptionCVE.org

A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function http_d of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

CVE-2025-6565 is a critical stack-based buffer overflow vulnerability in Netgear WNCE3001 v1.0.0.50 affecting the HTTP POST request handler's Host parameter processing. An authenticated attacker can remotely exploit this to achieve complete system compromise including confidentiality, integrity, and availability violations. Public exploitation code exists, elevating immediate risk.

Technical ContextAI

The vulnerability resides in the http_d component (HTTP daemon) of the Netgear WNCE3001 WiFi range extender, specifically in HTTP POST request handling. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), manifesting as a stack-based buffer overflow when processing the Host header field. The affected product is a network device running embedded firmware version 1.0.0.50. The HTTP server fails to implement proper bounds checking on the Host parameter before writing to a fixed-size stack buffer, allowing an unauthenticated or authenticated attacker to overflow the buffer and corrupt the stack frame, potentially leading to arbitrary code execution. This is a classic memory safety issue common in C-based embedded network services lacking input validation.

RemediationAI

  1. IMMEDIATE: Disconnect affected WNCE3001 devices from network until patching is available; 2. INTERIM: Restrict network access to the device's HTTP interface via firewall rules (port 80/443 ingress filtering); 3. Change default administrative credentials if accessible to reduce authentication bypass risk; 4. Monitor Netgear support pages (netgear.com/support) for firmware security updates; 5. PATCH: When available, upgrade to firmware version >1.0.0.50 (specific patched version not yet identified—contact Netgear support for ETA); 6. LONG-TERM: Consider device replacement if Netgear does not issue timely security patches, as embedded devices often lack extended support lifecycles. Vendors should implement memory-safe programming practices or stack canaries in future releases.
CVE-2016-1555 CRITICAL POC
9.8 Apr 21

(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear

CVE-2016-10174 CRITICAL POC
9.8 Jan 30

The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cg

CVE-2016-6277 HIGH POC
8.8 Dec 14

NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.B

CVE-2017-6334 HIGH POC
8.8 Mar 06

dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute ar

CVE-2017-6077 CRITICAL POC
9.8 Feb 22

ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitra

CVE-2017-5521 HIGH POC
8.1 Jan 17

An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R

CVE-2016-5674 CRITICAL POC
9.8 Aug 31

__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR Rea

CVE-2013-2751 CRITICAL POC
10.0 Dec 12

Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator

CVE-2016-1525 HIGH POC
8.6 Feb 13

Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allow

CVE-2016-5675 CRITICAL POC
9.8 Aug 31

handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 th

CVE-2016-10176 CRITICAL POC
9.8 Jan 30

The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the w

CVE-2024-12847 CRITICAL POC
9.8 Jan 10

NETGEAR DGN1000 routers with firmware before 1.1.00.48 contain an unauthenticated remote command execution vulnerability

Share

CVE-2025-6565 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy