Security researchers have disclosed three critical vulnerabilities in Netgear’s popular EX6200 Wi-Fi range extender, warning that attackers could remotely compromise devices and steal sensitive data.
The flaws, tracked as CVE-2025-4148, CVE-2025-4149, and CVE-2025-4150, affect firmware version 1.0.3.94 and stem from buffer overflow issues in the device’s internal functions.
The Netgear EX6200 is widely deployed in homes and small businesses to boost Wi-Fi coverage.
Its popularity, however, amplifies the risk posed by these vulnerabilities, which allow remote code execution, unauthorized access, and data theft without requiring physical access or user interaction.
Technical analysis reveals that all three vulnerabilities arise from improper handling of the host argument in specific internal functions (sub_503FC, sub_54014, and sub_54340).
When exploited, these flaws enable attackers to overwrite memory, execute arbitrary code, and potentially seize full control of the device.
Attackers could redirect network traffic, intercept credentials, deploy malware, or conscript routers into botnets for further attacks.
Each vulnerability is rated 8.8 (High) on the CVSS v3.1 scale, reflecting the severe risk of exploitation.
Notably, Netgear was notified of these issues but has yet to issue a patch or public advisory, leaving users exposed.
Security experts urge users to take immediate precautions:
- Disable remote management features to reduce attack surfaces.
- Restrict network access to the device and segment critical systems.
- Monitor device logs for suspicious activity.
- Regularly check for firmware updates and apply patches if released.
The vulnerabilities have drawn attention from both independent researchers and federal agencies.
The Cybersecurity and Infrastructure Security Agency (CISA) is expected to add these CVEs to its Known Exploited Vulnerabilities Catalog, mandating swift remediation for government networks.
Until Netgear issues a fix, users should assess their risk, apply mitigating actions, and consider replacing or isolating affected devices to protect sensitive data and prevent compromise.
Summary Table: Netgear EX6200 Critical Vulnerabilities
| CVE ID | Affected Product (Version) | CWE Type | CVSSv3 Score | Impact |
|---|---|---|---|---|
| CVE-2025-4148 | Netgear EX6200 (1.0.3.94) | CWE-120 (Buffer Overflow), CWE-119 | 8.8 (High) | Remote code execution, data theft |
| CVE-2025-4149 | Netgear EX6200 (1.0.3.94) | CWE-120, CWE-119 | 8.8 (High) | Remote access, data theft |
| CVE-2025-4150 | Netgear EX6200 (1.0.3.94) | CWE-120, CWE-119 | 8.8 (High) | Remote access, data theft |
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant updates
%20(1).webp?w=1200&resize=1200,0&ssl=1&description=The flaws, tracked as CVE-2025-4148, CVE-2025-4149, and CVE-2025-4150, affect firmware version 1.0.3.94 and stem from buffer overflow issues in the device’s internal functions.){kind=link}