CVE-2025-6565

Name of the Vulnerable Software and Affected Versions: Netgear WNCE3001 version 1.0.0.50

Description: A critical vulnerability has been found, affecting the http d function of the HTTP POST Request Handler component. The manipulation of the Host argument leads to a stack-based buffer overflow. This issue can be exploited remotely. The exploit has been publicly disclosed.

Recommendations: For Netgear WNCE3001 version 1.0.0.50, as a temporary workaround, consider restricting access to the http d function of the HTTP POST Request Handler component until a patch is available. Avoid using the Host argument in the affected HTTP POST Request Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.