CVE-2020-15636

Name of the Vulnerable Software and Affected Versions NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware 1.0.4.84 10.0.58

Description This issue allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the check ra service. A crafted raePolicyVersion in a RAE Policy.json file can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this issue to execute code in the context of root.

Recommendations For NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware 1.0.4.84 10.0.58, consider disabling the check ra service until a patch is available. Restrict access to the RAE Policy.json file to minimize the risk of exploitation. Avoid using crafted raePolicyVersion values in the RAE Policy.json file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.