PT-2021-5911 · NetGear · Netgear Xr300+8
Published
2021-12-21
·
Updated
2022-01-07
·
CVE-2021-45611
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NETGEAR DC112A versions prior to 1.0.0.52
NETGEAR R6400 versions prior to 1.0.1.68
NETGEAR RAX200 versions prior to 1.0.3.106
NETGEAR WNDR3400v3 versions prior to 1.0.1.38
NETGEAR XR300 versions prior to 1.0.3.68
NETGEAR R8500 versions prior to 1.0.2.144
NETGEAR RAX75 versions prior to 1.0.3.106
NETGEAR R8300 versions prior to 1.0.2.144
NETGEAR RAX80 versions prior to 1.0.3.106
Description
The issue is related to a buffer overflow that can be exploited by an unauthenticated attacker. This can allow a remote attacker to execute arbitrary code or cause a denial of service. The buffer overflow occurs due to the lack of size checking of input data.
Recommendations
For NETGEAR DC112A versions prior to 1.0.0.52, update to version 1.0.0.52 or later.
For NETGEAR R6400 versions prior to 1.0.1.68, update to version 1.0.1.68 or later.
For NETGEAR RAX200 versions prior to 1.0.3.106, update to version 1.0.3.106 or later.
For NETGEAR WNDR3400v3 versions prior to 1.0.1.38, update to version 1.0.1.38 or later.
For NETGEAR XR300 versions prior to 1.0.3.68, update to version 1.0.3.68 or later.
For NETGEAR R8500 versions prior to 1.0.2.144, update to version 1.0.2.144 or later.
For NETGEAR RAX75 versions prior to 1.0.3.106, update to version 1.0.3.106 or later.
For NETGEAR R8300 versions prior to 1.0.2.144, update to version 1.0.2.144 or later.
For NETGEAR RAX80 versions prior to 1.0.3.106, update to version 1.0.3.106 or later.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netgear Dc112A
Netgear R6400
Netgear R8300
Netgear R8500
Netgear Rax200
Netgear Rax75
Netgear Rax80
Netgear Wndr3400V3
Netgear Xr300