CVE-2025-44650
BaseFortify

Publication date: 2025-07-21

Last updated on: 2025-08-07

Assigner: MITRE

Description
In Netgear R7000 V1.3.1.64_10.1.36 and EAX80 V1.0.1.70_1.0.2, the USERLIMIT_GLOBAL option is set to 0 in the bftpd.conf configuration file. This can cause DoS attacks when unlimited users are connected.
Meta Information
Published: 2025-07-21
Last Modified: 2025-08-07
Generated: 2026-05-07
AI Q&A: 2025-07-21
EPSS Evaluated: 2026-05-05
Source: NVD
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
netgear r7000_firmware 1.3.1.64_10.1.36
netgear r7000 *
netgear eax80_firmware 1.0.1.70_1.0.2
netgear eax80 *
CWE
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-44650 is a vulnerability in Netgear devices (R7000 and EAX80) caused by a misconfiguration in the bftpd.conf file where the USERLIMIT_GLOBAL option is set to 0. This setting allows unlimited simultaneous user logins, which can be exploited to perform denial-of-service (DoS) attacks by overwhelming the server with too many connections. [1]


How can this vulnerability impact me?

This vulnerability can impact you by allowing attackers to connect an unlimited number of users simultaneously to the affected Netgear devices, potentially causing denial-of-service (DoS) attacks. This can disrupt normal device operation and network availability. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by checking the bftpd.conf configuration file on your Netgear R7000 or EAX80 device to see if the USERLIMIT_GLOBAL option is set to 0. For example, use commands to access the device's file system and view the configuration file, such as: `cat /etc/bftpd.conf | grep USERLIMIT_GLOBAL`. If the output shows USERLIMIT_GLOBAL=0, the device is vulnerable. [1]


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, immediately change the USERLIMIT_GLOBAL setting in the bftpd.conf file from 0 to a reasonable limit between 5 and 20 simultaneous user connections. This will prevent unlimited concurrent connections and reduce the risk of denial-of-service attacks. [1]
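The detection and mitigation answers above both reduce to one check: does the bftpd configuration cap concurrent logins, or is USERLIMIT_GLOBAL left at 0? The script below is an added example, not code from the advisory or from Netgear, that audits a bftpd.conf for this setting. It assumes bftpd writes options as KEY="value" (quotes optional, possibly indented inside a global { ... } block), that a value of 0 means no limit as the advisory states, and, as a further assumption, that a missing option is treated as no limit too. The two sample configuration files are constructed for the demo and do not come from any real device.

```shell
#!/bin/sh
# Added example (not from the advisory): audit a bftpd.conf for the
# USERLIMIT_GLOBAL setting described in CVE-2025-44650.
# Assumptions: options are written KEY="value" (quotes optional), possibly
# indented inside a global { ... } block; 0 means "no limit"; a missing
# option is treated as "no limit" here (assumption, not confirmed by the page).

# Print the effective USERLIMIT_GLOBAL value found in a config file.
# Prints 0 when the option is absent or non-numeric (assumed unlimited).
bftpd_userlimit_global() {
    conf="$1"
    # Skip comment lines, take the last assignment if duplicated,
    # then strip whitespace and surrounding quotes from the value.
    val=$(grep -v '^[[:space:]]*#' "$conf" \
        | grep 'USERLIMIT_GLOBAL[[:space:]]*=' \
        | tail -n 1 \
        | sed 's/.*=[[:space:]]*//; s/^"//; s/"[[:space:]]*$//; s/[[:space:]]*$//')
    case "$val" in
        ''|*[!0-9]*) echo 0 ;;   # absent or not a number: treat as no limit
        *) echo "$val" ;;
    esac
}

# Exit status 0 = a limit is configured, 1 = unlimited logins are allowed.
bftpd_check_userlimit() {
    limit=$(bftpd_userlimit_global "$1")
    if [ "$limit" -eq 0 ]; then
        echo "VULNERABLE: $1 allows unlimited concurrent FTP logins (USERLIMIT_GLOBAL=$limit)"
        return 1
    fi
    echo "OK: $1 caps concurrent FTP logins at $limit"
    return 0
}

# Constructed sample configs (weak setting beside the corrected one);
# prints the directory that holds them.
make_sample_configs() {
    dir=$(mktemp -d)
    cat > "$dir/weak.conf" <<'EOF'
global {
  PORT="21"
  USERLIMIT_GLOBAL="0"
  USERLIMIT_SINGLEUSER="0"
}
EOF
    cat > "$dir/hardened.conf" <<'EOF'
global {
  PORT="21"
  # cap concurrent logins; the advisory suggests a value between 5 and 20
  USERLIMIT_GLOBAL="10"
  USERLIMIT_SINGLEUSER="2"
}
EOF
    echo "$dir"
}

# Stand-alone run: audit both constructed samples.
d=$(make_sample_configs)
bftpd_check_userlimit "$d/weak.conf" || true
bftpd_check_userlimit "$d/hardened.conf"
rm -rf "$d"
```

On a device, point `bftpd_check_userlimit` at the file the advisory names (`/etc/bftpd.conf`); the script only reads the file, so it can run from a read-only shell. Quotes are stripped before the comparison because bftpd configurations normally quote values, while the advisory's `grep` output is shown unquoted, and either form should be judged the same way.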

