Details of VAR-202403-0574

ID

VAR-202403-0574

CVE

CVE-2023-48725

TITLE

of netgear RAX30 Out-of-bounds write vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2023-028331

DESCRIPTION

A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially crafted HTTP request can lead to code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. of netgear RAX30 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR RAX30 is a WiFi 6 router launched by NETGEAR. It supports dual bands (2.4GHz and 5GHz), has a maximum transmission rate of 2400Mbps, uses three external antennas, is equipped with a 1.5GHz triple-core processor, and can connect 20 devices at the same time. Attackers can use this vulnerability to submit special requests to crash the application or execute arbitrary code in the application context

Trust: 2.16

sources: NVD: CVE-2023-48725 // JVNDB: JVNDB-2023-028331 // CNVD: CNVD-2025-16604

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-16604

AFFECTED PRODUCTS

vendor:	netgear	model:	rax30	scope:	eq	version:	1.0.11.96	Trust: 1.6
vendor:	netgear	model:	rax30	scope:	eq	version:	1.0.7.78	Trust: 1.6
vendor:	ネットギア	model:	rax30	scope:	eq	version:	rax30 firmware 1.0.7.78	Trust: 0.8
vendor:	ネットギア	model:	rax30	scope:	eq	version:	rax30 firmware 1.0.11.96	Trust: 0.8
vendor:	ネットギア	model:	rax30	scope:	eq	version:	-	Trust: 0.8
vendor:	ネットギア	model:	rax30	scope:	-	version:	-	Trust: 0.8

sources: CNVD: CNVD-2025-16604 // JVNDB: JVNDB-2023-028331 // NVD: CVE-2023-48725

CVSS

SEVERITY

CVSSV2

CVSSV3

talos-cna@cisco.com:	CVE-2023-48725
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2023-48725
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-48725
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-16604
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2025-16604
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

talos-cna@cisco.com:	CVE-2023-48725
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2023-48725
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2023-48725
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-16604 // JVNDB: JVNDB-2023-028331 // NVD: CVE-2023-48725 // NVD: CVE-2023-48725

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	CWE-121	Trust: 1.0
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-028331 // NVD: CVE-2023-48725

PATCH

title:

Patch for NETGEAR RAX30 getblockschedule buffer overflow vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/710996

Trust: 0.6

sources: CNVD: CNVD-2025-16604

EXTERNAL IDS

db:	NVD	id:	CVE-2023-48725	Trust: 3.2
db:	TALOS	id:	TALOS-2023-1887	Trust: 2.4
db:	JVNDB	id:	JVNDB-2023-028331	Trust: 0.8
db:	CNVD	id:	CNVD-2025-16604	Trust: 0.6

sources: CNVD: CNVD-2025-16604 // JVNDB: JVNDB-2023-028331 // NVD: CVE-2023-48725

REFERENCES

url:	https://talosintelligence.com/vulnerability_reports/talos-2023-1887	Trust: 2.4
url:	https://kb.netgear.com/000066037/security-advisory-for-post-authentication-stack-overflow-on-the-rax30-psv-2023-0160	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-48725	Trust: 0.8

sources: CNVD: CNVD-2025-16604 // JVNDB: JVNDB-2023-028331 // NVD: CVE-2023-48725

SOURCES

db:	CNVD	id:	CNVD-2025-16604
db:	JVNDB	id:	JVNDB-2023-028331
db:	NVD	id:	CVE-2023-48725

LAST UPDATE DATE

2025-07-23T23:14:55.170000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-16604	date:	2025-07-22T00:00:00
db:	JVNDB	id:	JVNDB-2023-028331	date:	2025-03-13T00:45:00
db:	NVD	id:	CVE-2023-48725	date:	2025-03-11T16:56:47.143

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-16604	date:	2025-07-21T00:00:00
db:	JVNDB	id:	JVNDB-2023-028331	date:	2025-03-13T00:00:00
db:	NVD	id:	CVE-2023-48725	date:	2024-03-07T15:15:07.733