This page lists publicly disclosed CVE vulnerabilities affecting netis-systems wf2880_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-50617 | A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wps_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50616 | A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_advanced_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50615 | A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_mac_filter_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50614 | A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50613 | A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50612 | A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50611 | A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set_5g and wl_sec_rp_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50610 | A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50609 | A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the Function_00465620 of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of specify_parame in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-50608 | A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-08-13 | 2026-06-17 |
| CVE-2025-45835 | A null pointer dereference vulnerability was discovered in Netis WF2880 v2.1.40207. The vulnerability exists in the FUN_004904c8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the environment variable value CONTENT_LENGTH, causing the program to crash and potentially leading to a denial-of-service (DoS) attack. | [email protected] | 7.5 | 0.40% | 2025-05-12 | 2026-06-17 |
| CVE-2019-8985 | On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa. | [email protected] | 9.8 | 13.30% | 2019-02-21 | 2026-06-16 |