Wayne Chin Yick Low

**Name of the Vulnerable Software and Affected Versions** NETGEAR SRR60 versions prior to 2.2.1.210 NETGEAR SRS60 versions prior to 2.2.1.210 **Description** The issue is related to stored XSS, affecting certain NETGEAR devices. **Recommendations** For NETGEAR SRR60 versions prior to 2.2.1.210, update to version 2.2.1.210 or later. For NETGEAR SRS60 versions prior to 2.2.1.210, update to version 2.2.1.210 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR D3600 versions 1.0.0.0 through 1.0.0.74 NETGEAR D6000 versions 1.0.0.0 through 1.0.0.74 NETGEAR D7800 versions 1.0.0.0 through 1.0.1.43 NETGEAR DM200 versions 1.0.0.0 through 1.0.0.57 NETGEAR R7800 versions 1.0.0.0 through 1.0.2.57 NETGEAR R8900 versions 1.0.0.0 through 1.0.4.11 NETGEAR R9000 versions 1.0.0.0 through 1.0.4.7 NETGEAR RBK20 versions 2.3.0.0 through 2.3.0.27 NETGEAR RBR20 versions 2.3.0.0 through 2.3.0.27 NETGEAR RBS20 versions 2.3.0.0 through 2.3.0.27 NETGEAR RBK40 versions 2.3.0.0 through 2.3.0.27 NETGEAR RBS40 versions 2.3.0.0 through 2.3.0.27 NETGEAR RBK50 versions 2.3.0.0 through 2.3.0.31 NETGEAR RBR50 versions 2.3.0.0 through 2.3.0.31 NETGEAR RBS50 versions 2.3.0.0 through 2.3.0.31 NETGEAR WN3000RPv2 versions 1.0.0.0 through 1.0.0.67 NETGEAR WN3000RPv3 versions 1.0.0.0 through 1.0.2.69 NETGEAR WN3100RPv2 versions 1.0.0.0 through 1.0.0.59 NETGEAR WNDR4300v2 versions 1.0.0.0 through 1.0.0.57 NETGEAR WNDR4500v3 versions 1.0.0.0 through 1.0.0.57 NETGEAR WNR2000v5 versions 1.0.0.0 through 1.0.0.67 **Description** The issue is related to reflected XSS, which affects certain NETGEAR devices. **Recommendations** Update D3600 to version 1.0.0.75 or later. Update D6000 to version 1.0.0.75 or later. Update D7800 to version 1.0.1.44 or later. Update DM200 to version 1.0.0.58 or later. Update R7800 to version 1.0.2.58 or later. Update R8900 to version 1.0.4.12 or later. Update R9000 to version 1.0.4.8 or later. Update RBK20 to version 2.3.0.28 or later. Update RBR20 to version 2.3.0.28 or later. Update RBS20 to version 2.3.0.28 or later. Update RBK40 to version 2.3.0.28 or later. Update RBS40 to version 2.3.0.28 or later. Update RBK50 to version 2.3.0.32 or later. Update RBR50 to version 2.3.0.32 or later. Update RBS50 to version 2.3.0.32 or later. Update WN3000RPv2 to version 1.0.0.68 or later. Update WN3000RPv3 to version 1.0.2.70 or later. Update WN3100RPv2 to version 1.0.0.60 or later. Update WNDR4300v2 to version 1.0.0.58 or later. Update WNDR4500v3 to version 1.0.0.58 or later. Update WNR2000v5 to version 1.0.0.68 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR DGN2200v1 versions 1.0.0.0 through 1.0.0.57 NETGEAR D8500 versions 1.0.0.0 through 1.0.3.41 NETGEAR D7000v2 versions 1.0.0.0 through 1.0.0.50 NETGEAR D6400 versions 1.0.0.0 through 1.0.0.77 NETGEAR D6220 versions 1.0.0.0 through 1.0.0.43 NETGEAR JNDR3000 versions 1.0.0.0 through 1.0.0.23 NETGEAR R8000 versions 1.0.0.0 through 1.0.4.17 NETGEAR R8500 versions 1.0.0.0 through 1.0.2.121 NETGEAR R8300 versions 1.0.0.0 through 1.0.2.121 NETGEAR R7900 versions 1.0.0.0 through 1.0.2.15 NETGEAR R7000P versions 1.0.0.0 through 1.3.2.33 NETGEAR R7300DST versions 1.0.0.0 through 1.0.0.67 NETGEAR R7100LG versions 1.0.0.0 through 1.0.0.45 NETGEAR R6900P versions 1.0.0.0 through 1.3.2.33 NETGEAR R7000 versions 1.0.0.0 through 1.0.9.27 NETGEAR R6900 versions 1.0.0.0 through 1.0.1.45 NETGEAR R6700 versions 1.0.0.0 through 1.0.1.45 NETGEAR R6400v2 versions 1.0.0.0 through 1.0.2.55 NETGEAR R6400 versions 1.0.0.0 through 1.0.1.41 NETGEAR R6300v2 versions 1.0.0.0 through 1.0.4.27 NETGEAR R6250 versions 1.0.0.0 through 1.0.4.25 NETGEAR WNDR3400v3 versions 1.0.0.0 through 1.0.1.21 NETGEAR WNDR4500v2 versions 1.0.0.0 through 1.0.0.71 NETGEAR WNR3500Lv2 versions 1.0.0.0 through 1.2.0.49 **Description** The issue is a stack-based buffer overflow that can be exploited by an unauthenticated attacker. **Recommendations** Update DGN2200v1 to version 1.0.0.58 or later. Update D8500 to version 1.0.3.42 or later. Update D7000v2 to version 1.0.0.51 or later. Update D6400 to version 1.0.0.78 or later. Update D6220 to version 1.0.0.44 or later. Update JNDR3000 to version 1.0.0.24 or later. Update R8000 to version 1.0.4.18 or later. Update R8500 to version 1.0.2.122 or later. Update R8300 to version 1.0.2.122 or later. Update R7900 to version 1.0.2.16 or later. Update R7000P to version 1.3.2.34 or later. Update R7300DST to version 1.0.0.68 or later. Update R7100LG to version 1.0.0.46 or later. Update R6900P to version 1.3.2.34 or later. Update R7000 to version 1.0.9.28 or later. Update R6900 to version 1.0.1.46 or later. Update R6700 to version 1.0.1.46 or later. Update R6400v2 to version 1.0.2.56 or later. Update R6400 to version 1.0.1.42 or later. Update R6300v2 to version 1.0.4.28 or later. Update R6250 to version 1.0.4.26 or later. Update WNDR3400v3 to version 1.0.1.22 or later. Update WNDR4500v2 to version 1.0.0.72 or later. Update WNR3500Lv2 to version 1.2.0.50 or later.

**Name of the Vulnerable Software and Affected Versions** NETGEAR D6220 versions 1.0.0.0 through 1.0.0.45 NETGEAR D6400 versions 1.0.0.0 through 1.0.0.79 NETGEAR D7000v2 versions 1.0.0.0 through 1.0.0.50 NETGEAR D8500 versions 1.0.0.0 through 1.0.3.41 NETGEAR DGN2200v1 versions 1.0.0.0 through 1.0.0.57 NETGEAR DGN2200B versions 1.0.0.0 through 1.0.0.57 NETGEAR JNDR3000 versions 1.0.0.0 through 1.0.0.23 NETGEAR RBW30 versions 2.1.4.0 through 2.1.4.15 NETGEAR R6250 versions 1.0.0.0 through 1.0.4.25 NETGEAR R6300v2 versions 1.0.0.0 through 1.0.4.27 NETGEAR R6400 versions 1.0.0.0 through 1.0.1.41 NETGEAR R6400v2 versions 1.0.0.0 through 1.0.2.55 NETGEAR R6700 versions 1.0.0.0 through 1.0.1.45 NETGEAR R6900 versions 1.0.0.0 through 1.0.1.45 NETGEAR R7000 versions 1.0.0.0 through 1.0.9.31 NETGEAR R6900P versions 1.0.0.0 through 1.3.1.43 NETGEAR R7100LG versions 1.0.0.0 through 1.0.0.45 NETGEAR R7300DST versions 1.0.0.0 through 1.0.0.67 NETGEAR R7000P versions 1.0.0.0 through 1.3.1.43 NETGEAR R7900 versions 1.0.0.0 through 1.0.2.15 NETGEAR R8000P versions 1.0.0.0 through 1.4.0.9 NETGEAR R7900P versions 1.0.0.0 through 1.4.0.9 NETGEAR R8300 versions 1.0.0.0 through 1.0.2.121 NETGEAR R8500 versions 1.0.0.0 through 1.0.2.121 NETGEAR R8000 versions 1.0.0.0 through 1.0.4.17 NETGEAR WNDR3400v3 versions 1.0.0.0 through 1.0.1.21 NETGEAR WNDR4500v2 versions 1.0.0.0 through 1.0.0.71 NETGEAR WNR3500Lv2 versions 1.0.0.0 through 1.2.0.53 NETGEAR WN3100RP versions 1.0.0.0 through 1.0.0.19 NETGEAR WN2500RPv2 versions 1.0.0.0 through 1.0.1.53 **Description** A stack-based buffer overflow issue affects certain NETGEAR devices when exploited by an authenticated user. **Recommendations** Update NETGEAR D6220 to version 1.0.0.46 or later Update NETGEAR D6400 to version 1.0.0.80 or later Update NETGEAR D7000v2 to version 1.0.0.51 or later Update NETGEAR D8500 to version 1.0.3.42 or later Update NETGEAR DGN2200v1 to version 1.0.0.58 or later Update NETGEAR DGN2200B to version 1.0.0.58 or later Update NETGEAR JNDR3000 to version 1.0.0.24 or later Update NETGEAR RBW30 to version 2.1.4.16 or later Update NETGEAR R6250 to version 1.0.4.26 or later Update NETGEAR R6300v2 to version 1.0.4.28 or later Update NETGEAR R6400 to version 1.0.1.42 or later Update NETGEAR R6400v2 to version 1.0.2.56 or later Update NETGEAR R6700 to version 1.0.1.46 or later Update NETGEAR R6900 to version 1.0.1.46 or later Update NETGEAR R7000 to version 1.0.9.32 or later Update NETGEAR R6900P to version 1.3.1.44 or later Update NETGEAR R7100LG to version 1.0.0.46 or later Update NETGEAR R7300DST to version 1.0.0.68 or later Update NETGEAR R7000P to version 1.3.1.44 or later Update NETGEAR R7900 to version 1.0.2.16 or later Update NETGEAR R8000P to version 1.4.0.10 or later Update NETGEAR R7900P to version 1.4.0.10 or later Update NETGEAR R8300 to version 1.0.2.122 or later Update NETGEAR R8500 to version 1.0.2.122 or later Update NETGEAR R8000 to version 1.0.4.18 or later Update NETGEAR WNDR3400v3 to version 1.0.1.22 or later Update NETGEAR WNDR4500v2 to version 1.0.0.72 or later Update NETGEAR WNR3500Lv2 to version 1.2.0.54 or later Update NETGEAR WN3100RP to version 1.0.0.20 or later Update NETGEAR WN2500RPv2 to version 1.0.1.54 or later

**Name of the Vulnerable Software and Affected Versions** NETGEAR D8500 versions 1.0.3.43 and earlier NETGEAR R8500 versions 1.0.2.128 and earlier NETGEAR R8300 versions 1.0.2.128 and earlier NETGEAR R8000 versions 1.0.4.28 and earlier NETGEAR R7300DST versions 1.0.0.68 and earlier NETGEAR R7100LG versions 1.0.0.48 and earlier NETGEAR R6900P versions 1.3.1.44 and earlier NETGEAR R7900P versions 1.4.1.30 and earlier NETGEAR R8000P versions 1.4.1.30 and earlier NETGEAR R7000P versions 1.3.1.44 and earlier NETGEAR R7000 versions 1.0.9.34 and earlier NETGEAR R6900 versions 1.0.2.4 and earlier NETGEAR R6700 versions 1.0.2.6 and earlier NETGEAR R6400 versions 1.0.1.44 and earlier **Description** A buffer overflow issue affects certain NETGEAR devices when an authenticated user exploits the vulnerability. **Recommendations** For NETGEAR D8500 version 1.0.3.43 and earlier, update to version 1.0.3.43 or later. For NETGEAR R8500 version 1.0.2.128 and earlier, update to version 1.0.2.128 or later. For NETGEAR R8300 version 1.0.2.128 and earlier, update to version 1.0.2.128 or later. For NETGEAR R8000 version 1.0.4.28 and earlier, update to version 1.0.4.28 or later. For NETGEAR R7300DST version 1.0.0.68 and earlier, update to version 1.0.0.68 or later. For NETGEAR R7100LG version 1.0.0.48 and earlier, update to version 1.0.0.48 or later. For NETGEAR R6900P version 1.3.1.44 and earlier, update to version 1.3.1.44 or later. For NETGEAR R7900P version 1.4.1.30 and earlier, update to version 1.4.1.30 or later. For NETGEAR R8000P version 1.4.1.30 and earlier, update to version 1.4.1.30 or later. For NETGEAR R7000P version 1.3.1.44 and earlier, update to version 1.3.1.44 or later. For NETGEAR R7000 version 1.0.9.34 and earlier, update to version 1.0.9.34 or later. For NETGEAR R6900 version 1.0.2.4 and earlier, update to version 1.0.2.4 or later. For NETGEAR R6700 version 1.0.2.6 and earlier, update to version 1.0.2.6 or later. For NETGEAR R6400 version 1.0.1.44 and earlier, update to version 1.0.1.44 or later.

**Name of the Vulnerable Software and Affected Versions** DGN2200 versions 1.0.0.0 through 1.0.0.57 DGN2200B versions 1.0.0.0 through 1.0.0.57 D8500 versions 1.0.0.0 through 1.0.3.41 D7000v2 versions 1.0.0.0 through 1.0.0.50 D6400 versions 1.0.0.0 through 1.0.0.79 D6220 versions 1.0.0.0 through 1.0.0.43 EX7000 versions 1.0.0.0 through 1.0.0.65 EX6200 versions 1.0.0.0 through 1.0.3.87 EX6150 versions 1.0.0.0 through 1.0.0.41 EX7500 versions 1.0.0.0 through 1.0.0.45 JNDR3000 versions 1.0.0.0 through 1.0.0.23 R8000 versions 1.0.0.0 through 1.0.4.17 R8500 versions 1.0.0.0 through 1.0.2.121 R8300 versions 1.0.0.0 through 1.0.2.121 R7900P versions 1.0.0.0 through 1.4.0.9 R8000P versions 1.0.0.0 through 1.4.0.9 R7900 versions 1.0.0.0 through 1.0.2.15 R7000P versions 1.0.0.0 through 1.3.1.43 R7300DST versions 1.0.0.0 through 1.0.0.67 R7100LG versions 1.0.0.0 through 1.0.0.45 R6900P versions 1.0.0.0 through 1.3.1.43 R7000 versions 1.0.0.0 through 1.0.9.31 R6900 versions 1.0.0.0 through 1.0.1.45 R6700 versions 1.0.0.0 through 1.0.1.45 R6400v2 versions 1.0.0.0 through 1.0.2.55 R6400 versions 1.0.0.0 through 1.0.1.41 R6300v2 versions 1.0.0.0 through 1.0.4.27 R6250 versions 1.0.0.0 through 1.0.4.25 WNDR4500v2 versions 1.0.0.0 through 1.0.0.71 WNR3500Lv2 versions 1.0.0.0 through 1.2.0.53 **Description** A buffer overflow issue affects certain NETGEAR devices when an authenticated user exploits the vulnerability. **Recommendations** Update DGN2200 to version 1.0.0.58 or later. Update DGN2200B to version 1.0.0.58 or later. Update D8500 to version 1.0.3.42 or later. Update D7000v2 to version 1.0.0.51 or later. Update D6400 to version 1.0.0.80 or later. Update D6220 to version 1.0.0.44 or later. Update EX7000 to version 1.0.0.66 or later. Update EX6200 to version 1.0.3.88 or later. Update EX6150 to version 1.0.0.42 or later. Update EX7500 to version 1.0.0.46 or later. Update JNDR3000 to version 1.0.0.24 or later. Update R8000 to version 1.0.4.18 or later. Update R8500 to version 1.0.2.122 or later. Update R8300 to version 1.0.2.122 or later. Update R7900P to version 1.4.0.10 or later. Update R8000P to version 1.4.0.10 or later. Update R7900 to version 1.0.2.16 or later. Update R7000P to version 1.3.1.44 or later. Update R7300DST to version 1.0.0.68 or later. Update R7100LG to version 1.0.0.46 or later. Update R6900P to version 1.3.1.44 or later. Update R7000 to version 1.0.9.32 or later. Update R6900 to version 1.0.1.46 or later. Update R6700 to version 1.0.1.46 or later. Update R6400v2 to version 1.0.2.56 or later. Update R6400 to version 1.0.1.42 or later. Update R6300v2 to version 1.0.4.28 or later. Update R6250 to version 1.0.4.26 or later. Update WNDR4500v2 to version 1.0.0.72 or later. Update WNR3500Lv2 to version 1.2.0.54 or later.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient access control in a Windows operating system kernel-mode driver. It allows a local attacker to potentially elevate their privileges using a specially crafted application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.