CVE-2025-52082
BaseFortify

Publication date: 2025-07-15

Last updated on: 2025-08-11

Assigner: MITRE

Description
In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing the read_access parameter.
Meta Information
Published: 2025-07-15
Last Modified: 2025-08-11
Generated: 2026-05-07
AI Q&A: 2025-07-15
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
netgear | xr300_firmware | 1.0.3.38
netgear | xr300 | *
CWE ID | Description
CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a stack-based buffer overflow in the HTTPD service of Netgear XR300 V1.0.3.38_10.3.30. It occurs when the device processes POST requests to the usb_device.cgi endpoint that include the read_access parameter, potentially allowing an attacker to overwrite memory on the device.


How can this vulnerability impact me?

The stack-based buffer overflow could allow an attacker to execute arbitrary code or cause a denial of service on the affected Netgear XR300 device by sending specially crafted POST requests to the usb_device.cgi endpoint with the read_access parameter.

