Affected Vendors This Week:
- Netgear: 18 CVEs (17 High, 1 Medium)
- ASUS: 1 CVE (High)
Critical Buffer Overflow Storm in Netgear Range Extenders
This week brings an unusually concentrated vulnerability disclosure affecting Netgear's EX6200 and EX6120 range extender product lines. Eighteen CVEs were disclosed, with 17 rated as High severity, all centered on a dangerous attack pattern: buffer overflow vulnerabilities exploitable via the host parameter.
The affected firmware versions are Netgear EX6200 1.0.3.94, EX6200 1.0.0.68, and EX6120 1.0.3.94 and 1.0.0.68. All vulnerabilities carry a CVSS score of 8.8, indicating high exploitability and significant impact. The flaws are spread across multiple internal functions, including sub_54340 (CVE-2025-4150), sub_503FC (CVE-2025-4148), sub_54014 (CVE-2025-4149), sub_41940 (CVE-2025-4146), sub_47F7C (CVE-2025-4147), sub_3D0BC (CVE-2025-4145), sub_3C8EC (CVE-2025-4142), sub_30394 (CVE-2025-4140), sub_3C03C (CVE-2025-4141), and fwAcosCgiInbound (CVE-2025-4139), among others.
Why This Matters: Buffer overflows in network-facing functions like these can allow unauthenticated remote attackers to execute arbitrary code on affected devices. Range extenders are often deployed in trusted network segments, but they're frequently overlooked during patch cycles—making them attractive targets for lateral movement.
Recommended Actions:
- Check your inventory immediately for affected EX6200 and EX6120 units running firmware 1.0.3.94 or 1.0.0.68
- Prioritize firmware updates as soon as Netgear releases patched versions
- Consider temporarily isolating affected devices from critical network segments if updates are not immediately available
- Monitor Netgear's security advisory page for patch release announcements
Additional Vulnerability: ASUS Kernel Issue
ASUS disclosed one High-severity CVE this week: CVE-2025-37761 (CVSS 7.1), a Linux kernel out-of-bounds shift vulnerability in the DRM/XE graphics driver. While details remain limited, this type of kernel vulnerability can lead to denial of service or privilege escalation. ASUS router owners using affected kernel versions should monitor for available security patches.