PT-2017-4192 · NetGear · Netgear Wnr2000V4+2

Publicado

2017-05-26

Atualizado

2024-06-28

CVE-2017-6862

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NETGEAR WNR2000v3 versions prior to 1.1.2.14 NETGEAR WNR2000v4 versions prior to 1.0.0.66 NETGEAR WNR2000v5 versions prior to 1.0.0.42

Description The issue allows authentication bypass and remote code execution via a buffer overflow in the administration webapp. This is due to a parameter in the webapp that can be exploited. The vulnerability can be exploited by a remote attacker to execute arbitrary code.

Recommendations For NETGEAR WNR2000v3 versions prior to 1.1.2.14, update to version 1.1.2.14 or later. For NETGEAR WNR2000v4 versions prior to 1.0.0.66, update to version 1.0.0.66 or later. For NETGEAR WNR2000v5 versions prior to 1.0.0.42, update to version 1.0.0.42 or later.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-120

Identificadores relacionados

BDU:2022-03967

CVE-2017-6862

Produtos afetados

Netgear Wnr2000V3

Netgear Wnr2000V4

Netgear Wnr2000V5

PT-2017-4192 · NetGear · Netgear Wnr2000V4+2

CVE-2017-6862

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9