CVE-2025-5934
BaseFortify
Publication date: 2025-06-10
Last updated on: 2025-06-20
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netgear | ex3700_firmware | to 1.0.0.88 (exc) |
| netgear | ex3700 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5934 is a critical stack-based buffer overflow vulnerability in the Netgear EX3700 device firmware up to version 1.0.0.88. It occurs in the function sub_41619C within the /mtd file due to improper handling of input, specifically from unsafe use of the strcat function without proper bounds checking. This causes a buffer allocated on the stack to be overwritten, which can lead to remote exploitation allowing attackers to execute arbitrary code or cause denial of service by corrupting the stack. [1, 2]
How can this vulnerability impact me? :
This vulnerability can severely impact you by allowing remote attackers to exploit the stack-based buffer overflow to execute arbitrary code on the affected Netgear EX3700 device or cause a denial of service. This compromises the confidentiality, integrity, and availability of the device, potentially leading to unauthorized control or disruption of network services. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve checking the firmware version of the Netgear EX3700 device to see if it is at or below 1.0.0.88, which is vulnerable. Since the vulnerability is a stack-based buffer overflow in the /mtd file's sub_41619C function triggered by a crafted input, network detection might include monitoring for unusual or malformed packets targeting the device's management interfaces. Specific commands to check firmware version on the device might include accessing the device's CLI or web interface to query the firmware version. Additionally, scanning the device with vulnerability scanners that include CVE-2025-5934 detection could help. However, no explicit detection commands are provided in the resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the Netgear EX3700 device firmware to version 1.0.0.98 or later, as this version addresses the vulnerability. Since the affected products are no longer supported by the maintainer, upgrading to the fixed version is the recommended action. Additionally, restricting remote access to the device and monitoring for exploit attempts can help reduce risk until the upgrade is applied. [1, 2]