PT-2020-8779 · NetGear · R6700+9
Aircut
·
Published
2020-04-23
·
Updated
2020-05-01
·
CVE-2018-21135
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NETGEAR R6700 versions 1.0.0 through 1.0.1.47
NETGEAR R7500 versions 1.0.0 through 1.0.0.123
NETGEAR R7800 versions 1.0.0 through 1.0.2.57
NETGEAR R8900 versions 1.0.0 through 1.0.4.1
NETGEAR R9000 versions 1.0.0 through 1.0.4.1
NETGEAR WNDR3700v4 versions 1.0.0 through 1.0.2.101
NETGEAR WNDR4300v1 versions 1.0.0 through 1.0.2.103
NETGEAR WNDR4300v2 versions 1.0.0 through 1.0.0.55
NETGEAR WNDR4500v3 versions 1.0.0 through 1.0.0.55
NETGEAR WNR2000v5-R2000 versions 1.0.0 through 1.0.0.67
Description
A stack-based buffer overflow issue affects certain NETGEAR devices when an authenticated user exploits the vulnerability.
Recommendations
Update R6700 to version 1.0.1.48 or later.
Update R7500 to version 1.0.0.124 or later.
Update R7800 to version 1.0.2.58 or later.
Update R8900 to version 1.0.4.2 or later.
Update R9000 to version 1.0.4.2 or later.
Update WNDR3700v4 to version 1.0.2.102 or later.
Update WNDR4300v1 to version 1.0.2.104 or later.
Update WNDR4300v2 to version 1.0.0.56 or later.
Update WNDR4500v3 to version 1.0.0.56 or later.
Update WNR2000v5-R2000 to version 1.0.0.68 or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
R6700
R7500
R7800
R8900
R9000
Wndr3700V4
Wndr4300V1
Wndr4300V2
Wndr4500V3
Wnr2000V5-R2000