PT-2020-10688 · NetGear · R7900P+16

Wayne Low

Published

2020-04-16

Updated

2020-04-23

CVE-2019-20713

CVSS v3.1

6.8

Medium

Vector

AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N

Name of the Vulnerable Software and Affected Versions NETGEAR D8500 versions prior to 1.0.3.44 NETGEAR R6250 versions prior to 1.0.4.34 NETGEAR R6300v2 versions prior to 1.0.4.32 NETGEAR R6400 versions prior to 1.0.1.46 NETGEAR R6700 versions prior to 1.0.2.6 NETGEAR R6900 versions prior to 1.0.2.4 NETGEAR R6900P versions prior to 1.3.1.64 NETGEAR R7000 versions prior to 1.0.9.42 NETGEAR R7000P versions prior to 1.3.1.64 NETGEAR R7100LG versions prior to 1.0.0.50 NETGEAR R7300DST versions prior to 1.0.0.70 NETGEAR R7900 versions prior to 1.0.3.8 NETGEAR R7900P versions prior to 1.4.1.30 NETGEAR R8000 versions prior to 1.0.4.28 NETGEAR R8000P versions prior to 1.4.1.30 NETGEAR R8300 versions prior to 1.0.2.128 NETGEAR R8500 versions prior to 1.0.2.128

Description A stack-based buffer overflow issue affects certain NETGEAR devices, allowing an authenticated user to potentially exploit this issue.

Recommendations For NETGEAR D8500 version prior to 1.0.3.44, update to version 1.0.3.44 or later. For NETGEAR R6250 version prior to 1.0.4.34, update to version 1.0.4.34 or later. For NETGEAR R6300v2 version prior to 1.0.4.32, update to version 1.0.4.32 or later. For NETGEAR R6400 version prior to 1.0.1.46, update to version 1.0.1.46 or later. For NETGEAR R6700 version prior to 1.0.2.6, update to version 1.0.2.6 or later. For NETGEAR R6900 version prior to 1.0.2.4, update to version 1.0.2.4 or later. For NETGEAR R6900P version prior to 1.3.1.64, update to version 1.3.1.64 or later. For NETGEAR R7000 version prior to 1.0.9.42, update to version 1.0.9.42 or later. For NETGEAR R7000P version prior to 1.3.1.64, update to version 1.3.1.64 or later. For NETGEAR R7100LG version prior to 1.0.0.50, update to version 1.0.0.50 or later. For NETGEAR R7300DST version prior to 1.0.0.70, update to version 1.0.0.70 or later. For NETGEAR R7900 version prior to 1.0.3.8, update to version 1.0.3.8 or later. For NETGEAR R7900P version prior to 1.4.1.30, update to version 1.4.1.30 or later. For NETGEAR R8000 version prior to 1.0.4.28, update to version 1.0.4.28 or later. For NETGEAR R8000P version prior to 1.4.1.30, update to version 1.4.1.30 or later. For NETGEAR R8300 version prior to 1.0.2.128, update to version 1.0.2.128 or later. For NETGEAR R8500 version prior to 1.0.2.128, update to version 1.0.2.128 or later.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-20713

Affected Products

D8500

R6250

R6300V2

R6400

R6700

R6900

R6900P

R7000

R7000P

R7100Lg

R7300Dst

R7900

R7900P

R8000

R8000P

R8300

R8500

PT-2020-10688 · NetGear · R7900P+16

CVE-2019-20713

Weakness Enumeration

Related Identifiers

Affected Products

References · 3