CVE-2025-5934

Published: Jun 10, 2025Modified: Jun 20, 2025

7.4

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: CNA (Secondary)

Description

A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub_41619C of the file /mtd. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.0.98 is able to address this issue. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer.

Affected (1)

Products: Netgear: Ex3700 Firmware

1 product

Ex3700 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex3700 Firmware	Before 1.0.0.88

Running on/with	Platform Versions
Netgear Ex3700	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (8)

https://github.com/xiaobor123/vul-finds/tree/main/vul-find-ex3700-netgear

Source: cna@vuldb.com

ExploitThird Party Advisory

https://github.com/xiaobor123/vul-finds/tree/main/vul-find-ex3700-netgear#poc

Source: cna@vuldb.com

ExploitThird Party Advisory

https://vuldb.com/?ctiid.311712

Source: cna@vuldb.com

Permissions RequiredVDB Entry

https://vuldb.com/?id.311712

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.588258

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://www.netgear.com/

Source: cna@vuldb.com

Product

https://github.com/xiaobor123/vul-finds/tree/main/vul-find-ex3700-netgear

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

ExploitThird Party Advisory

https://github.com/xiaobor123/vul-finds/tree/main/vul-find-ex3700-netgear#poc

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

ExploitThird Party Advisory

Timeline

No history available yet.