Stack-Based Buffer Overflow in Netgear XR300 Router
CVE-2025-52081

6.5MEDIUM

Key Information:

Vendor: Netgear
Status: XR300 Router
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-52081?

The Netgear XR300 router is affected by a stack-based buffer overflow vulnerability in its HTTPD service. This security issue arises when malicious POST requests are made to the usb_device.cgi endpoint, specifically targeting the usb_folder parameter. Exploitation of this vulnerability could allow an attacker to execute arbitrary code, compromising the system's integrity and user data. It is essential for users to be aware of this issue and apply necessary security measures to safeguard their devices.

References

https://github.com/lafdrew/IOT/blob/main/Netgear%20XR300/...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Jun 16, 2025