PT-2017-4192 · NetGear · Netgear Wnr2000V4+2

Published

2017-05-26

Updated

2024-06-28

CVE-2017-6862

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NETGEAR WNR2000v3 versions prior to 1.1.2.14 NETGEAR WNR2000v4 versions prior to 1.0.0.66 NETGEAR WNR2000v5 versions prior to 1.0.0.42

Description The issue allows authentication bypass and remote code execution via a buffer overflow in the administration webapp. This is due to a parameter in the webapp that can be exploited. The vulnerability can be exploited by a remote attacker to execute arbitrary code.

Recommendations For NETGEAR WNR2000v3 versions prior to 1.1.2.14, update to version 1.1.2.14 or later. For NETGEAR WNR2000v4 versions prior to 1.0.0.66, update to version 1.0.0.66 or later. For NETGEAR WNR2000v5 versions prior to 1.0.0.42, update to version 1.0.0.42 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2022-03967

CVE-2017-6862

Affected Products

Netgear Wnr2000V3

Netgear Wnr2000V4

Netgear Wnr2000V5

PT-2017-4192 · NetGear · Netgear Wnr2000V4+2

CVE-2017-6862

Weakness Enumeration

Related Identifiers

Affected Products

References · 9