CVE-2025-4115: Netgear JWNR2000v2 default_version_is_new buffer overflow
First published: Wed Apr 30 2025(Updated: )
A vulnerability classified as critical was found in Netgear JWNR2000v2 1.0.0.11. Affected by this vulnerability is the function default_version_is_new. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear JWNR2000v2 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4115?
CVE-2025-4115 is classified as a critical vulnerability.
How do I fix CVE-2025-4115?
To fix CVE-2025-4115, update the firmware of the Netgear JWNR2000v2 to the latest version provided by the vendor.
What causes the vulnerability CVE-2025-4115?
CVE-2025-4115 is caused by a buffer overflow in the function default_version_is_new due to improper handling of the argument host.
Can CVE-2025-4115 be exploited remotely?
Yes, CVE-2025-4115 can be exploited remotely without needing physical access to the device.
What are the potential impacts of CVE-2025-4115?
The potential impacts of CVE-2025-4115 include system crashes and unauthorized access to the affected Netgear device.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/title
- agent/first-publish-date
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/last-modified-date
- agent/author
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/netgear
- canonical/netgear jwnr2000v2 firmware