Buffer Overflow Vulnerability in Netgear Router
CVE-2025-4116

8.7HIGH

Key Information:

Vendor

Netgear
Status
Jwnr2000v2
Vendor
CVE Published:
30 April 2025
đź”” Create Netgear Vulnerability Alert

What is CVE-2025-4116?

A buffer overflow vulnerability has been identified in the Netgear JWNR2000v2 router's 'get_cur_lang_ver' function. This issue arises from improper handling of the 'host' argument, potentially allowing an attacker to execute arbitrary code remotely. The vulnerability poses a significant risk as it enables exploitation without requiring local access to the device. Despite proactive communications with the vendor regarding this vulnerability, there has been no response or remediation provided.

Affected Version(s)

JWNR2000v2 1.0.0.11

References

https://vuldb.com/?id.306596
vdb-entrytechnical-description
https://vuldb.com/?ctiid.306596
signaturepermissions-required
https://vuldb.com/?submit.560770
third-party-advisory

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

yummysoup2 (VulDB User)
.