CVE-2025-44652

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Netgear RAX30 version 1.0.10.94 3

Description The USERLIMIT GLOBAL option is set to 0 in multiple bftpd-related configuration files, potentially leading to denial-of-service (DoS) attacks when an unlimited number of users connect.

Recommendations Update to a newer version that addresses this configuration issue. As a temporary workaround, consider modifying the bftpd configuration files to set a reasonable limit for the USERLIMIT GLOBAL option.

Fix

DoS

Improper Resource Release

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-770

Related Identifiers

BDU:2025-09106

CVE-2025-44652

Affected Products

Netgear Rax30

Bftpd

CVE-2025-44652

Weakness Enumeration

Related Identifiers

Affected Products

References · 9