PT-2021-6175 · NetGear · Netgear R7000+12
Published
2021-12-21
·
Updated
2022-01-10
·
CVE-2021-45638
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
NETGEAR D6220 versions prior to 1.0.0.68
NETGEAR D6400 versions prior to 1.0.0.102
NETGEAR D7000v2 versions prior to 1.0.0.74
NETGEAR D8500 versions prior to 1.0.3.60
NETGEAR DC112A versions prior to 1.0.0.56
NETGEAR R6300v2 versions prior to 1.0.4.50
NETGEAR R6400 versions prior to 1.0.1.68
NETGEAR R7000 versions prior to 1.0.11.116
NETGEAR R7100LG versions prior to 1.0.0.70
NETGEAR RBS40V versions prior to 2.6.2.8
NETGEAR RBW30 versions prior to 2.6.2.2
NETGEAR RS400 versions prior to 1.5.1.80
NETGEAR R7000P versions prior to 1.3.2.132
NETGEAR R6900P versions prior to 1.3.2.132
Description
The issue is caused by a stack-based buffer overflow that can be exploited by an unauthenticated attacker, potentially allowing a remote attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations
For NETGEAR D6220 version prior to 1.0.0.68, update to version 1.0.0.68 or later.
For NETGEAR D6400 version prior to 1.0.0.102, update to version 1.0.0.102 or later.
For NETGEAR D7000v2 version prior to 1.0.0.74, update to version 1.0.0.74 or later.
For NETGEAR D8500 version prior to 1.0.3.60, update to version 1.0.3.60 or later.
For NETGEAR DC112A version prior to 1.0.0.56, update to version 1.0.0.56 or later.
For NETGEAR R6300v2 version prior to 1.0.4.50, update to version 1.0.4.50 or later.
For NETGEAR R6400 version prior to 1.0.1.68, update to version 1.0.1.68 or later.
For NETGEAR R7000 version prior to 1.0.11.116, update to version 1.0.11.116 or later.
For NETGEAR R7100LG version prior to 1.0.0.70, update to version 1.0.0.70 or later.
For NETGEAR RBS40V version prior to 2.6.2.8, update to version 2.6.2.8 or later.
For NETGEAR RBW30 version prior to 2.6.2.2, update to version 2.6.2.2 or later.
For NETGEAR RS400 version prior to 1.5.1.80, update to version 1.5.1.80 or later.
For NETGEAR R7000P version prior to 1.3.2.132, update to version 1.3.2.132 or later.
For NETGEAR R6900P version prior to 1.3.2.132, update to version 1.3.2.132 or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netgear R6220
Netgear R6400
Netgear D7000V2
Netgear R8500
Netgear Dc112A
Netgear R6300V2
Netgear R6900P
Netgear R7000
Netgear R7000P
Netgear R7100Lg
Netgear Rbs40
Netgear Rbw30
Netgear Rs400