CVE-2025-50613

Published: Aug 13, 2025Modified: Jun 17, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.

Affected (1)

Products: Netis Systems: Wf2880 Firmware

1 product

Wf2880 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netis Systems Wf2880 Firmware	Version 2.1.40207

Running on/with	Platform Versions
Netis Systems Wf2880	All versions

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (1)

https://github.com/Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability/tree/main/6

Source: cve@mitre.org

ExploitThird Party Advisory

Timeline

No history available yet.