CVE-2025-6511
BaseFortify
Publication date: 2025-06-23
Last updated on: 2025-07-16
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netgear | ex6150_firmware | 1.0.0.46_1.0.76 |
| netgear | ex6150 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6511 is a critical stack-based buffer overflow vulnerability in the Netgear EX6150 firmware version 1.0.0.46_1.0.76. It occurs due to improper use of the strcat function without adequate bounds checking, which allows specially crafted input to overwrite the stack. This vulnerability affects the function sub_410090 and can be exploited remotely. The overflow can lead to arbitrary code execution or denial of service by corrupting the stack. [1, 3]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to remotely execute arbitrary code or cause a denial of service on the affected Netgear EX6150 device. Exploiting the stack-based buffer overflow can compromise the confidentiality, integrity, and availability of the system, potentially leading to full system compromise or disruption of network services. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious HTTP GET requests containing the header 'GET kernel_log' sent to the Netgear EX6150 device running firmware version 1.0.0.46_1.0.76. Detection can involve inspecting network traffic for such specially crafted requests that trigger the stack-based buffer overflow. Specific commands are not provided in the available resources, but network packet capture tools like tcpdump or Wireshark can be used to filter HTTP GET requests to the device and look for 'kernel_log' in the request headers. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps are not explicitly detailed in the provided resources. However, since no known mitigations or countermeasures have been identified and the vulnerability is critical and remotely exploitable, it is recommended to consider replacing the affected Netgear EX6150 device or upgrading its firmware if a patch becomes available. Additionally, restricting network access to the device and monitoring for exploit attempts can help reduce risk until a fix is applied. [3]