CVE-2023-38925
Published: 07 August 2023
Summary
CVE-2023-38925 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Netgear DC112A firmware. Its CVSS base score is 8.8 (High).
Operationally, it is ranked in the top 3.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Netgear devices including the DC112A running firmware 1.0.0.64, the EX6200 at 1.0.3.94, and the R6300v2 at 1.0.4.8 contain a buffer overflow in the http_passwd parameter processed by password.cgi. The flaw is tracked as CWE-120 and carries a CVSS 3.1 score of 8.8, reflecting network-reachable exploitation that requires only low privileges and no user interaction.
An authenticated attacker can supply an oversized value to the affected parameter and trigger memory corruption, resulting in arbitrary code execution and full compromise of the device’s confidentiality, integrity, and availability. Because the vulnerable endpoint is reachable over the network, the attack can be launched remotely once valid credentials are obtained.
Public references point to Netgear’s security disclosure page and a technical write-up containing proof-of-concept details. The current EPSS score of 0.2957 matches its recorded peak, indicating sustained but not sharply increasing exploitation interest since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-42685
Vulnerability details
Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi.
- CWE(s): CWE-120
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls (AI)
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.