CVE-2022-27642

Name of the Vulnerable Software and Affected Versions NETGEAR R6700v3 version 1.0.4.120 10.0.91 NETGEAR R6400 versions (affected versions not specified) NETGEAR R6400v2 versions (affected versions not specified) NETGEAR R6900P versions (affected versions not specified) NETGEAR R7000 versions (affected versions not specified) NETGEAR R7000P versions (affected versions not specified) NETGEAR R8500 versions (affected versions not specified) NETGEAR RAX15 versions (affected versions not specified) NETGEAR RAX20 versions (affected versions not specified) NETGEAR RAX35v2 versions (affected versions not specified) NETGEAR RAX38v2 versions (affected versions not specified) NETGEAR RAX40v2 versions (affected versions not specified) NETGEAR RAX42 versions (affected versions not specified) NETGEAR RAX43 versions (affected versions not specified) NETGEAR RAX45 versions (affected versions not specified) NETGEAR RAX48 versions (affected versions not specified) NETGEAR RAX50 versions (affected versions not specified) NETGEAR RAX50S versions (affected versions not specified) NETGEAR RS400 versions (affected versions not specified) NETGEAR R7100LG versions (affected versions not specified) NETGEAR LAX20 versions (affected versions not specified) NETGEAR CAX80 versions (affected versions not specified) NETGEAR MR80 versions (affected versions not specified) NETGEAR MS80 versions (affected versions not specified)

Description This issue allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR routers. The specific flaw exists within the httpd service, resulting from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other issues to execute code in the context of root. The vulnerability is related to bypassing authentication via an alternative name.

Recommendations For NETGEAR R6700v3 version 1.0.4.120 10.0.91, consider disabling the httpd service until a patch is available. For other affected NETGEAR devices, at the moment, there is no information about a newer version that contains a fix for this vulnerability.