Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2025-50614

High

7.5/10

Summary

A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References

Advisory Timeline

Published Aug 13, 2025

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2025-50614

Summary

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS