Security researchers have identified three critical vulnerabilities in the Netgear EX6200 Wi-Fi range extender that may allow remote attackers to access sensitive data unlawfully. Although notified of these issues, Netgear has not yet responded, leaving users at risk.
Affected: Netgear EX6200 Wi-Fi Range Extender
Key points:
- Three critical vulnerabilities (CVE-2025-4148, CVE-2025-4149, CVE-2025-4150) were found in firmware version 1.0.3.94 of the Netgear EX6200.
- The vulnerabilities allow for remote code execution and data theft through buffer overflow and memory corruption.
- No patch or advisory has been issued by Netgear since notification about the vulnerabilities.
- Attackers can exploit these flaws without user interaction, making devices with remote management especially susceptible.
- Users are advised to disable remote management, limit external access, and monitor for updates and unusual activity.
- The CVSS scores for the vulnerabilities are all 8.8 (HIGH), indicating a significant security risk.
- Potential impacts include arbitrary code execution, data exfiltration, and enlistment into botnets for malicious use.
- Users should consider risk assessment and possible isolation or replacement of affected devices until a fix is provided.
Read More: https://gbhackers.com/netgear-ex6200-flaw/