PT-2021-22174 · NetGear · Netgear R6400+3

Published

2021-08-11

Updated

2021-08-19

CVE-2021-38517

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NETGEAR R6400 versions prior to 1.0.1.70 NETGEAR RAX75 versions prior to 1.0.4.120 NETGEAR RAX80 versions prior to 1.0.4.120 NETGEAR XR300 versions prior to 1.0.3.50

Description The issue affects certain NETGEAR devices, causing out-of-bounds reads and writes.

Recommendations For NETGEAR R6400 version prior to 1.0.1.70, update to version 1.0.1.70 or later. For NETGEAR RAX75 version prior to 1.0.4.120, update to version 1.0.4.120 or later. For NETGEAR RAX80 version prior to 1.0.4.120, update to version 1.0.4.120 or later. For NETGEAR XR300 version prior to 1.0.3.50, update to version 1.0.3.50 or later.

Fix

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

CVE-2021-38517

Affected Products

Netgear R6400

Netgear Rax75

Netgear Rax80

Netgear Xr300

PT-2021-22174 · NetGear · Netgear R6400+3

CVE-2021-38517

Weakness Enumeration

Related Identifiers

Affected Products

References · 7