Primary

Context

Netgear EX6150 Stack-Based Buffer Overflow Vulnerability

Vulnerability

A critical stack-based buffer overflow vulnerability has been identified in the Netgear EX6150 wireless range extender, specifically in version 1.0.0.46_1.0.76. This vulnerability arises from improper input handling in the function sub_410090, allowing for remote exploitation.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution or causing the device to crash.

Reproduction

The vulnerability can be reproduced by sending a GET request that includes the kernel_log header. This specific input format triggers the buffer overflow by exploiting the vulnerable strcat function, which lacks proper bounds checking.

Added: Jun 23, 2025, 7:04 PM

Updated: Jun 23, 2025, 7:04 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Netgear EX6150 Stack-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Netgear EX6150

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating