PT-2021-5915 · NetGear · Netgear R7000+7
Published
2021-09-25
·
Updated
2022-01-05
·
CVE-2021-45605
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NETGEAR R6400 versions prior to 1.0.1.68
NETGEAR R7000 versions prior to 1.0.11.116
NETGEAR R6900P versions prior to 1.3.3.140
NETGEAR R7000P versions prior to 1.3.3.140
NETGEAR R7900 versions prior to 1.0.4.38
NETGEAR RAX75 versions prior to 1.0.3.102
NETGEAR RAX80 versions prior to 1.0.3.102
NETGEAR XR300 versions prior to 1.0.3.50
Description
The issue is related to a stack-based buffer overflow that can be triggered by an authenticated user. This can lead to a denial of service.
Recommendations
For NETGEAR R6400 version prior to 1.0.1.68, update to version 1.0.1.68 or later.
For NETGEAR R7000 version prior to 1.0.11.116, update to version 1.0.11.116 or later.
For NETGEAR R6900P version prior to 1.3.3.140, update to version 1.3.3.140 or later.
For NETGEAR R7000P version prior to 1.3.3.140, update to version 1.3.3.140 or later.
For NETGEAR R7900 version prior to 1.0.4.38, update to version 1.0.4.38 or later.
For NETGEAR RAX75 version prior to 1.0.3.102, update to version 1.0.3.102 or later.
For NETGEAR RAX80 version prior to 1.0.3.102, update to version 1.0.3.102 or later.
For NETGEAR XR300 version prior to 1.0.3.50, update to version 1.0.3.50 or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netgear R6400
Netgear R6900P
Netgear R7000
Netgear R7000P
Netgear R7900
Netgear Rax75
Netgear Rax80
Netgear Xr300