The flaws, tracked as CVE-2025-4148, CVE-2025-4149, and CVE-2025-4150, affect firmware version 1.0.3.94 and stem from buffer overflow issues in the device’s internal functions.
The Netgear EX6200 is widely deployed in homes and small businesses to boost Wi-Fi coverage.
Its popularity, however, amplifies the risk posed by these vulnerabilities, which allow remote code execution, unauthorized access, and data theft without requiring physical access or user interaction.
Technical analysis reveals that all three vulnerabilities arise from improper handling of the host argument in specific internal functions (sub_503FC, sub_54014, and sub_54340).
When exploited, these flaws enable attackers to overwrite memory, execute arbitrary code, and potentially seize full control of the device.
Attackers could redirect network traffic, intercept credentials, deploy malware, or conscript routers into botnets for further attacks.
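The bug class described above (CWE-120: a request-supplied host value copied into a fixed-size buffer without a length check) is closed by validating before copying, as in this added example. It is not Netgear's firmware code; `copy_host_checked`, `HOST_BUF_LEN`, the 64-byte size and the character allowlist are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical buffer size: the firmware's real size is not given on this page. */
#define HOST_BUF_LEN 64

/* CWE-120 pattern to avoid: strcpy(dst, host) into a fixed buffer copies
 * until the NUL terminator, however long the request-supplied value is. */

/* Hardened handling: measure and validate first, copy only afterwards.
 * Returns 0 on success; -1 if host is NULL, empty, too long for dst,
 * or contains bytes outside a hostname/IP alphabet (assumed allowlist). */
int copy_host_checked(char *dst, size_t dst_len, const char *host)
{
    if (dst == NULL || dst_len == 0) return -1;
    dst[0] = '\0';                       /* dst is always a valid string */
    if (host == NULL) return -1;

    /* Bounded length probe: never scans more than dst_len bytes. */
    const char *end = memchr(host, '\0', dst_len);
    if (end == NULL || end == host) return -1;   /* too long, or empty */
    size_t n = (size_t)(end - host);             /* n < dst_len here */

    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)host[i];
        if (!isalnum(c) && c != '.' && c != '-' && c != ':')
            return -1;                           /* defence in depth */
    }
    memcpy(dst, host, n);
    dst[n] = '\0';
    return 0;
}

int main(void)
{
    char buf[HOST_BUF_LEN];
    char oversized[200];                 /* constructed sample input */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    const char *samples[] = { "192.168.1.250", "router.example", oversized, "a;b" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = copy_host_checked(buf, sizeof buf, samples[i]);
        printf("len=%zu -> %s\n", strlen(samples[i]), rc == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```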
Each vulnerability is rated 8.8 (High) on the CVSS v3.1 scale, reflecting the severe risk of exploitation.
Notably, Netgear was notified of these issues but has yet to issue a patch or public advisory, leaving users exposed.
Security experts urge users to take immediate precautions:
The vulnerabilities have drawn attention from both independent researchers and federal agencies.
The Cybersecurity and Infrastructure Security Agency (CISA) is expected to add these CVEs to its Known Exploited Vulnerabilities Catalog, mandating swift remediation for government networks.
Until Netgear issues a fix, users should assess their risk, apply mitigating actions, and consider replacing or isolating affected devices to protect sensitive data and prevent compromise.
| CVE ID | Affected Product (Version) | CWE Type | CVSSv3 Score | Impact |
|---|---|---|---|---|
| CVE-2025-4148 | Netgear EX6200 (1.0.3.94) | CWE-120 (Buffer Overflow), CWE-119 | 8.8 (High) | Remote code execution, data theft |
| CVE-2025-4149 | Netgear EX6200 (1.0.3.94) | CWE-120, CWE-119 | 8.8 (High) | Remote access, data theft |
| CVE-2025-4150 | Netgear EX6200 (1.0.3.94) | CWE-120, CWE-119 | 8.8 (High) | Remote access, data theft |
The post Netgear EX6200 Flaw Allows Remote Hijacking and Data Theft appeared first on Cyber Security News.