PT-2020-8857 · NetGear · R7500+11

Mongo

·

Published

2020-04-28

·

Updated

2020-05-01

·

CVE-2018-21213

CVSS v3.1

8.8

High

VectorAC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N
Name of the Vulnerable Software and Affected Versions D3600 versions prior to 1.0.0.67 D6000 versions prior to 1.0.0.67 D7800 versions prior to 1.0.1.30 R6100 versions prior to 1.0.1.20 R7500 versions prior to 1.0.0.118 R7500v2 versions prior to 1.0.3.24 R7800 versions prior to 1.0.2.40 R9000 versions prior to 1.0.2.52 WNDR3700v4 versions prior to 1.0.2.96 WNDR4300 versions prior to 1.0.2.98 WNDR4300v2 versions prior to 1.0.0.50 WNDR4500v3 versions prior to 1.0.0.50
Description Certain NETGEAR devices are affected by a buffer overflow that can be exploited by an unauthenticated attacker.
Recommendations For D3600 versions prior to 1.0.0.67, update to version 1.0.0.67 or later. For D6000 versions prior to 1.0.0.67, update to version 1.0.0.67 or later. For D7800 versions prior to 1.0.1.30, update to version 1.0.1.30 or later. For R6100 versions prior to 1.0.1.20, update to version 1.0.1.20 or later. For R7500 versions prior to 1.0.0.118, update to version 1.0.0.118 or later. For R7500v2 versions prior to 1.0.3.24, update to version 1.0.3.24 or later. For R7800 versions prior to 1.0.2.40, update to version 1.0.2.40 or later. For R9000 versions prior to 1.0.2.52, update to version 1.0.2.52 or later. For WNDR3700v4 versions prior to 1.0.2.96, update to version 1.0.2.96 or later. For WNDR4300 versions prior to 1.0.2.98, update to version 1.0.2.98 or later. For WNDR4300v2 versions prior to 1.0.0.50, update to version 1.0.0.50 or later. For WNDR4500v3 versions prior to 1.0.0.50, update to version 1.0.0.50 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2018-21213

Affected Products

D3600
D6000
D7800
R6100
R7500
R7500V2
R7800
R9000
Wndr3700V4
Wndr4300
Wndr4300V2
Wndr4500V3