CVE-2025-4116

Published Apr 30, 2025

Last updated a month ago

CVSS high 8.7

Overview

Description
A vulnerability, which was classified as critical, has been found in Netgear JWNR2000v2 1.0.0.11. Affected by this issue is the function get_cur_lang_ver. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Source
cna@vuldb.com
NVD status
Analyzed

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.7
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

CVSS 2.0

Type
Secondary
Base score
9
Impact score
10
Exploitability score
8
Vector string
AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

cna@vuldb.com
CWE-119
nvd@nist.gov
CWE-120

Social media

Hype score
Not currently trending

  1. �� CVE-2025-4116 - NETGEAR JWNR2000v2 Router - HIGH 🚨 🗓️ Date published 2025-04-30 13:15:49 UTC #NETGEARJWNR2000v2Router #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/tKiGuoy4LL

    @vulns_space

    30 Apr 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [CVE-2025-4116: HIGH] Critical vulnerability found in Netgear JWNR2000v2 1.0.0.11. Exploiting the get_cur_lang_ver function can trigger a buffer overflow remotely. Vendor notified but no response.#cve,CVE-2025-4116,#cybersecurity https://t.co/pmw62bADfl https://t.co/x80NbQO9EP

    @CveFindCom

    30 Apr 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.