CVE-2025-4120: Netgear JWNR2000v2 sub_4238E8 buffer overflow
First published: Wed Apr 30 2025(Updated: )
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been classified as critical. Affected is the function sub_4238E8. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear JWNR2000v2 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4120?
CVE-2025-4120 has been classified as critical due to the potential for remote exploitation through a buffer overflow.
How do I fix CVE-2025-4120?
To fix CVE-2025-4120, users should update the firmware of the Netgear JWNR2000v2 router to the latest version provided by the vendor.
What type of vulnerability is CVE-2025-4120?
CVE-2025-4120 is a buffer overflow vulnerability that can be exploited remotely.
Which device is affected by CVE-2025-4120?
CVE-2025-4120 affects the Netgear JWNR2000v2 router running firmware version 1.0.0.11.
Can CVE-2025-4120 be exploited remotely?
Yes, CVE-2025-4120 can be exploited remotely via manipulation of the host argument.
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/netgear
- canonical/netgear jwnr2000v2 firmware