PT-2020-8858 · NetGear · R9000+8

Mongo

Published

2020-04-28

Updated

2020-05-04

CVE-2018-21214

CVSS v3.1

8.8

High

Vector

AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N

Name of the Vulnerable Software and Affected Versions D3600 versions prior to 1.0.0.67 D6000 versions prior to 1.0.0.67 EX2700 versions prior to 1.0.1.28 R6100 versions prior to 1.0.1.20 R7500v2 versions prior to 1.0.3.24 R9000 versions prior to 1.0.2.52 WN2000RPTv3 versions prior to 1.0.1.20 WN3000RPv3 versions prior to 1.0.2.50 WN3100RPv2 versions prior to 1.0.0.56

Description Certain NETGEAR devices are affected by a buffer overflow that can be exploited by an unauthenticated attacker.

Recommendations For D3600 version prior to 1.0.0.67, update to version 1.0.0.67 or later. For D6000 version prior to 1.0.0.67, update to version 1.0.0.67 or later. For EX2700 version prior to 1.0.1.28, update to version 1.0.1.28 or later. For R6100 version prior to 1.0.1.20, update to version 1.0.1.20 or later. For R7500v2 version prior to 1.0.3.24, update to version 1.0.3.24 or later. For R9000 version prior to 1.0.2.52, update to version 1.0.2.52 or later. For WN2000RPTv3 version prior to 1.0.1.20, update to version 1.0.1.20 or later. For WN3000RPv3 version prior to 1.0.2.50, update to version 1.0.2.50 or later. For WN3100RPv2 version prior to 1.0.0.56, update to version 1.0.0.56 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2018-21214

Affected Products

D3600

D6000

Ex2700

R6100

R7500V2

R9000

Wn2000Rptv3

Wn3000Rpv3

Wn3100Rpv2

PT-2020-8858 · NetGear · R9000+8

CVE-2018-21214

Weakness Enumeration

Related Identifiers

Affected Products

References · 4