PT-2020-8837 · NetGear · R7500+10
Mongo
·
Published
2020-04-28
·
Updated
2020-05-01
·
CVE-2018-21193
CVSS v3.1
6.8
Medium
| Vector | AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N |
Name of the Vulnerable Software and Affected Versions
D6100 versions 1.0.0.0 through 1.0.0.56
D7800 versions 1.0.0.0 through 1.0.1.33
R6100 versions 1.0.0.0 through 1.0.1.19
R7500 versions 1.0.0.0 through 1.0.0.121
R7500v2 versions 1.0.0.0 through 1.0.3.23
R7800 versions 1.0.0.0 through 1.0.2.39
WNDR3700v4 versions 1.0.0.0 through 1.0.2.91
WNDR4300 versions 1.0.0.0 through 1.0.2.93
WNDR4300v2 versions 1.0.0.0 through 1.0.0.49
WNDR4500v3 versions 1.0.0.0 through 1.0.0.49
WNR2000v5 versions 1.0.0.0 through 1.0.0.61
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user.
Recommendations
For D6100 version 1.0.0.56 and earlier, update to version 1.0.0.57 or later.
For D7800 version 1.0.1.33 and earlier, update to version 1.0.1.34 or later.
For R6100 version 1.0.1.19 and earlier, update to version 1.0.1.20 or later.
For R7500 version 1.0.0.121 and earlier, update to version 1.0.0.122 or later.
For R7500v2 version 1.0.3.23 and earlier, update to version 1.0.3.24 or later.
For R7800 version 1.0.2.39 and earlier, update to version 1.0.2.40 or later.
For WNDR3700v4 version 1.0.2.91 and earlier, update to version 1.0.2.92 or later.
For WNDR4300 version 1.0.2.93 and earlier, update to version 1.0.2.94 or later.
For WNDR4300v2 version 1.0.0.49 and earlier, update to version 1.0.0.50 or later.
For WNDR4500v3 version 1.0.0.49 and earlier, update to version 1.0.0.50 or later.
For WNR2000v5 version 1.0.0.61 and earlier, update to version 1.0.0.62 or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D6100
D7800
R6100
R7500
R7500V2
R7800
Wndr3700V4
Wndr4300
Wndr4300V2
Wndr4500V3
Wnr2000V5