PT-2020-8300 · NetGear · R7500+9

Published

2020-04-23

Updated

2020-04-27

CVE-2017-18751

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: D7800 versions 1.0.1.27 and earlier R6100 versions 1.0.1.15 and earlier R7500 versions 1.0.0.111 and earlier R7500v2 versions 1.0.3.19 and earlier R7800 versions 1.0.2.35 and earlier R9000 versions 1.0.2.51 and earlier WNDR3700v4 versions 1.0.2.87 and earlier WNDR4300 versions 1.0.2.89 and earlier WNDR4300v2 versions 1.0.0.47 and earlier WNDR4500v3 versions 1.0.0.47 and earlier

Description: Certain NETGEAR devices are affected by a stack-based buffer overflow that can be exploited by an unauthenticated attacker.

Recommendations: For D7800 version 1.0.1.27 and earlier, update to version 1.0.1.28 or later. For R6100 version 1.0.1.15 and earlier, update to version 1.0.1.16 or later. For R7500 version 1.0.0.111 and earlier, update to version 1.0.0.112 or later. For R7500v2 version 1.0.3.19 and earlier, update to version 1.0.3.20 or later. For R7800 version 1.0.2.35 and earlier, update to version 1.0.2.36 or later. For R9000 version 1.0.2.51 and earlier, update to version 1.0.2.52 or later. For WNDR3700v4 version 1.0.2.87 and earlier, update to version 1.0.2.88 or later. For WNDR4300 version 1.0.2.89 and earlier, update to version 1.0.2.90 or later. For WNDR4300v2 version 1.0.0.47 and earlier, update to version 1.0.0.48 or later. For WNDR4500v3 version 1.0.0.47 and earlier, update to version 1.0.0.48 or later.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2017-18751

Affected Products

D7800

R6100

R7500

R7500V2

R7800

R9000

Wndr3700V4

Wndr4300

Wndr4300V2

Wndr4500V3

PT-2020-8300 · NetGear · R7500+9

CVE-2017-18751

Weakness Enumeration

Related Identifiers

Affected Products

References · 5