Swing

**Name of the Vulnerable Software and Affected Versions** NETGEAR D6220 versions prior to 1.0.0.68 NETGEAR D6400 versions prior to 1.0.0.102 NETGEAR D7000v2 versions prior to 1.0.0.66 NETGEAR D8500 versions prior to 1.0.3.58 NETGEAR DC112A versions prior to 1.0.0.54 NETGEAR EX7000 versions prior to 1.0.1.94 NETGEAR EX7500 versions prior to 1.0.0.72 NETGEAR R6250 versions prior to 1.0.4.48 NETGEAR R6300v2 versions prior to 1.0.4.52 NETGEAR R6400 versions prior to 1.0.1.70 NETGEAR R6400v2 versions prior to 1.0.4.102 NETGEAR R6700v3 versions prior to 1.0.4.102 NETGEAR R7000 versions prior to 1.0.11.116 NETGEAR R7100LG versions prior to 1.0.0.64 NETGEAR R7850 versions prior to 1.0.5.68 NETGEAR R7900 versions prior to 1.0.4.30 NETGEAR R7960P versions prior to 1.4.1.68 NETGEAR R8000 versions prior to 1.0.4.52 NETGEAR RAX200 versions prior to 1.0.2.88 NETGEAR RBS40V versions prior to 2.6.2.4 NETGEAR RS400 versions prior to 1.5.1.80 NETGEAR XR300 versions prior to 1.0.3.56 NETGEAR R7000P versions prior to 1.3.2.124 NETGEAR R8000P versions prior to 1.4.1.68 NETGEAR R8500 versions prior to 1.0.2.144 NETGEAR RAX80 versions prior to 1.0.3.102 NETGEAR R6900P versions prior to 1.3.2.124 NETGEAR R7900P versions prior to 1.4.1.68 NETGEAR R8300 versions prior to 1.0.2.144 NETGEAR RAX75 versions prior to 1.0.3.102 NETGEAR RBR750 versions prior to 3.2.17.12 NETGEAR RBR850 versions prior to 3.2.17.12 NETGEAR RBS750 versions prior to 3.2.17.12 NETGEAR RBS850 versions prior to 3.2.17.12 NETGEAR RBK752 versions prior to 3.2.17.12 NETGEAR RBK852 versions prior to 3.2.17.12 **Description** The issue is related to a buffer overflow caused by an authenticated user, which can lead to a denial of service or the execution of arbitrary code. This occurs due to the lack of size checking for input data. **Recommendations** Update D6220 to version 1.0.0.68 or later Update D6400 to version 1.0.0.102 or later Update D7000v2 to version 1.0.0.66 or later Update D8500 to version 1.0.3.58 or later Update DC112A to version 1.0.0.54 or later Update EX7000 to version 1.0.1.94 or later Update EX7500 to version 1.0.0.72 or later Update R6250 to version 1.0.4.48 or later Update R6300v2 to version 1.0.4.52 or later Update R6400 to version 1.0.1.70 or later Update R6400v2 to version 1.0.4.102 or later Update R6700v3 to version 1.0.4.102 or later Update R7000 to version 1.0.11.116 or later Update R7100LG to version 1.0.0.64 or later Update R7850 to version 1.0.5.68 or later Update R7900 to version 1.0.4.30 or later Update R7960P to version 1.4.1.68 or later Update R8000 to version 1.0.4.52 or later Update RAX200 to version 1.0.2.88 or later Update RBS40V to version 2.6.2.4 or later Update RS400 to version 1.5.1.80 or later Update XR300 to version 1.0.3.56 or later Update R7000P to version 1.3.2.124 or later Update R8000P to version 1.4.1.68 or later Update R8500 to version 1.0.2.144 or later Update RAX80 to version 1.0.3.102 or later Update R6900P to version 1.3.2.124 or later Update R7900P to version 1.4.1.68 or later Update R8300 to version 1.0.2.144 or later Update RAX75 to version 1.0.3.102 or later Update RBR750 to version 3.2.17.12 or later Update RBR850 to version 3.2.17.12 or later Update RBS750 to version 3.2.17.12 or later Update RBS850 to version 3.2.17.12 or later Update RBK752 to version 3.2.17.12 or later Update RBK852 to version 3.2.17.12 or later

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV340, RV340W, RV345, and RV345P (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the web-based management interface of the affected routers. These vulnerabilities could allow an attacker to execute arbitrary code, cause a denial of service (DoS) condition, or execute arbitrary commands. The exploitation can be done by sending a specially crafted HTTP request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers (affected versions not specified) **Description** The vulnerability in the web-based management interface of the affected routers is related to errors in handling HTTP requests, specifically with syntax quoting neutralization. This could allow a remote attacker to execute arbitrary commands by sending a specially crafted HTTP request. The issue may enable an attacker to execute arbitrary code, cause a denial of service (DoS) condition, or execute arbitrary commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HoRNDIS versions (affected versions not specified) **Description** The issue is caused by an integer overflow in the RNDIS packet parsing routines, allowing a malicious USB device to trigger disclosure of unrelated kernel memory to userspace applications on the host or cause the kernel to crash. Kernel memory disclosure is more likely on 32-bit kernels, while 64-bit kernels are more likely to crash during attempted exploitation. The vulnerability is located in the `HoRNDIS::receivePacket` function, where variables `msg len`, `data ofs`, and `data len` can be controlled by an attached USB device. A negative value of `data ofs` can bypass the check for `(data ofs + data len + 8) > msg len`, leading to a wild pointer copy in the `mbuf copyback` call. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of HoRNDIS to only trusted USB devices, especially in multi-tenant systems.

**Name of the Vulnerable Software and Affected Versions** D-Link DNS-320 FW version 2.06B01 Revision Ax **Description** The issue is related to command injection in the system mgr.cgi component, which can lead to remote arbitrary code execution. This occurs due to errors in neutralizing special elements in the OS command. The exploitation of this issue can allow a remote attacker to execute arbitrary code. **Recommendations** For D-Link DNS-320 FW version 2.06B01 Revision Ax, consider disabling the system mgr.cgi component as a temporary workaround until a patch is available. Restrict access to this component to minimize the risk of exploitation.