CVE-2022-27643

Name of the Vulnerable Software and Affected Versions NETGEAR R6400 versions prior to the fixed version NETGEAR R6400v2 versions prior to the fixed version NETGEAR R6700v3 version 1.0.4.120 10.0.91 NETGEAR R6900P versions prior to the fixed version NETGEAR R7000 versions prior to the fixed version NETGEAR R7000P versions prior to the fixed version NETGEAR R8500 versions prior to the fixed version NETGEAR RS400 versions prior to the fixed version NETGEAR WNDR3400v3 versions prior to the fixed version NETGEAR WNR3500Lv2 versions prior to the fixed version NETGEAR XR300 versions prior to the fixed version NETGEAR D6220 versions prior to the fixed version NETGEAR D6400 versions prior to the fixed version NETGEAR D7000v2 versions prior to the fixed version NETGEAR R7100LG versions prior to the fixed version NETGEAR DC112A versions prior to the fixed version

Description The issue is related to a buffer overflow due to the lack of validation of the length of user-supplied data when handling SOAP requests, specifically when parsing the SOAPAction header. This allows an attacker to execute arbitrary code in the context of root without requiring authentication. The vulnerability can be exploited by network-adjacent attackers.

Recommendations For NETGEAR R6400, update to a version that fixes the vulnerability. For NETGEAR R6400v2, update to a version that fixes the vulnerability. For NETGEAR R6700v3 version 1.0.4.120 10.0.91, update to a version that fixes the vulnerability. For NETGEAR R6900P, update to a version that fixes the vulnerability. For NETGEAR R7000, update to a version that fixes the vulnerability. For NETGEAR R7000P, update to a version that fixes the vulnerability. For NETGEAR R8500, update to a version that fixes the vulnerability. For NETGEAR RS400, update to a version that fixes the vulnerability. For NETGEAR WNDR3400v3, update to a version that fixes the vulnerability. For NETGEAR WNR3500Lv2, update to a version that fixes the vulnerability. For NETGEAR XR300, update to a version that fixes the vulnerability. For NETGEAR D6220, update to a version that fixes the vulnerability. For NETGEAR D6400, update to a version that fixes the vulnerability. For NETGEAR D7000v2, update to a version that fixes the vulnerability. For NETGEAR R7100LG, update to a version that fixes the vulnerability. For NETGEAR DC112A, update to a version that fixes the vulnerability. As a temporary workaround, consider disabling the handling of SOAP requests until a patch is available. Restrict access to the vulnerable upnpd service to minimize the risk of exploitation. Avoid using the SOAPAction header in SOAP requests to the affected routers until the issue is resolved.