PT-2020-8849 · NetGear · R7500+13
Mongo
·
Published
2020-04-28
·
Updated
2020-05-05
·
CVE-2018-21205
CVSS v3.1
8.8
High
| Vector | AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N |
Name of the Vulnerable Software and Affected Versions
NETGEAR D7800 versions prior to 1.0.1.30
NETGEAR EX2700 versions prior to 1.0.1.28
NETGEAR R6100 versions prior to 1.0.1.20
NETGEAR R7500 versions prior to 1.0.0.118
NETGEAR R7500v2 versions prior to 1.0.3.24
NETGEAR R7800 versions prior to 1.0.2.40
NETGEAR R9000 versions prior to 1.0.2.52
NETGEAR WN2000RPTv3 versions prior to 1.0.1.20
NETGEAR WN3000RPv3 versions prior to 1.0.2.50
NETGEAR WN3100RPv2 versions prior to 1.0.0.56
NETGEAR WNDR3700v4 versions prior to 1.0.2.96
NETGEAR WNDR4300 versions prior to 1.0.2.98
NETGEAR WNDR4300v2 versions prior to 1.0.0.50
NETGEAR WNDR4500v3 versions prior to 1.0.0.50
Description
The issue is a stack-based buffer overflow that can be exploited by an unauthenticated attacker. This allows for potential remote code execution or denial of service.
Recommendations
Update D7800 to version 1.0.1.30 or later.
Update EX2700 to version 1.0.1.28 or later.
Update R6100 to version 1.0.1.20 or later.
Update R7500 to version 1.0.0.118 or later.
Update R7500v2 to version 1.0.3.24 or later.
Update R7800 to version 1.0.2.40 or later.
Update R9000 to version 1.0.2.52 or later.
Update WN2000RPTv3 to version 1.0.1.20 or later.
Update WN3000RPv3 to version 1.0.2.50 or later.
Update WN3100RPv2 to version 1.0.0.56 or later.
Update WNDR3700v4 to version 1.0.2.96 or later.
Update WNDR4300 to version 1.0.2.98 or later.
Update WNDR4300v2 to version 1.0.0.50 or later.
Update WNDR4500v3 to version 1.0.0.50 or later.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D7800
Ex2700
R6100
R7500
R7500V2
R7800
R9000
Wn2000Rptv3
Wn3000Rpv3
Wn3100Rpv2
Wndr3700V4
Wndr4300
Wndr4300V2
Wndr4500V3