PT-2020-8825 · NetGear · R9000+13
Mongo
·
Published
2020-04-28
·
Updated
2020-05-01
·
CVE-2018-21181
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
D7800 versions 1.0.1.28 and earlier
EX2700 versions 1.0.1.32 and earlier
EX6200v2 versions 1.0.1.56 and earlier
R7500v2 versions 1.0.3.24 and earlier
R7800 versions 1.0.2.40 and earlier
R9000 versions 1.0.3.6 and earlier
WN2000RPTv3 versions 1.0.1.20 and earlier
WN3000RPv3 versions 1.0.2.52 and earlier
WN3100RPv2 versions 1.0.0.42 and earlier
WNDR3700v4 versions 1.0.2.92 and earlier
WNDR4300 versions 1.0.2.94 and earlier
WNDR4300v2 versions 1.0.0.50 and earlier
WNDR4500v3 versions 1.0.0.50 and earlier
WNR2000v5 versions 1.0.0.62 and earlier
Description
The issue is a stack-based buffer overflow that can be exploited by an authenticated user. This allows for potential unauthorized access or control.
Recommendations
For D7800 version 1.0.1.28 and earlier, update to version 1.0.1.28 or later.
For EX2700 version 1.0.1.32 and earlier, update to version 1.0.1.32 or later.
For EX6200v2 version 1.0.1.56 and earlier, update to version 1.0.1.56 or later.
For R7500v2 version 1.0.3.24 and earlier, update to version 1.0.3.24 or later.
For R7800 version 1.0.2.40 and earlier, update to version 1.0.2.40 or later.
For R9000 version 1.0.3.6 and earlier, update to version 1.0.3.6 or later.
For WN2000RPTv3 version 1.0.1.20 and earlier, update to version 1.0.1.20 or later.
For WN3000RPv3 version 1.0.2.52 and earlier, update to version 1.0.2.52 or later.
For WN3100RPv2 version 1.0.0.42 and earlier, update to version 1.0.0.42 or later.
For WNDR3700v4 version 1.0.2.92 and earlier, update to version 1.0.2.92 or later.
For WNDR4300 version 1.0.2.94 and earlier, update to version 1.0.2.94 or later.
For WNDR4300v2 version 1.0.0.50 and earlier, update to version 1.0.0.50 or later.
For WNDR4500v3 version 1.0.0.50 and earlier, update to version 1.0.0.50 or later.
For WNR2000v5 version 1.0.0.62 and earlier, update to version 1.0.0.62 or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D7800
Ex2700
Ex6200V2
R7500V2
R7800
R9000
Wn2000Rptv3
Wn3000Rpv3
Wn3100Rpv2
Wndr3700V4
Wndr4300
Wndr4300V2
Wndr4500V3
Wnr2000V5