PT-2022-28121 · NetGear · Netgear Rax35+8

Fr33Rh · Published 2022-12-30 · Updated 2025-04-10 · CVE-2022-48196

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

NETGEAR RAX40 versions prior to 1.0.2.60
NETGEAR RAX35 versions prior to 1.0.2.60
NETGEAR R6400v2 versions prior to 1.0.4.122
NETGEAR R6700v3 versions prior to 1.0.4.122
NETGEAR R6900P versions prior to 1.3.3.152
NETGEAR R7000P versions prior to 1.3.3.152
NETGEAR R7000 versions prior to 1.0.11.136
NETGEAR R7960P versions prior to 1.4.4.94
NETGEAR R8000P versions prior to 1.4.4.94

Description

The issue is a buffer overflow that can be exploited by an unauthenticated attacker. This allows the attacker to potentially execute code with elevated privileges. The problem is similar to a previous vulnerability that allowed code execution with root privileges through manipulation on the WAN interface.

Recommendations

For RAX40 versions prior to 1.0.2.60, update to version 1.0.2.60 or later.
For RAX35 versions prior to 1.0.2.60, update to version 1.0.2.60 or later.
For R6400v2 versions prior to 1.0.4.122, update to version 1.0.4.122 or later.
For R6700v3 versions prior to 1.0.4.122, update to version 1.0.4.122 or later.
For R6900P versions prior to 1.3.3.152, update to version 1.3.3.152 or later.
For R7000P versions prior to 1.3.3.152, update to version 1.3.3.152 or later.
For R7000 versions prior to 1.0.11.136, update to version 1.0.11.136 or later.
For R7960P versions prior to 1.4.4.94, update to version 1.4.4.94 or later.
For R8000P versions prior to 1.4.4.94, update to version 1.4.4.94 or later.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2022-48196

Affected Products

Netgear R6400V2
Netgear R6700V3
Netgear R6900P
Netgear R7000
Netgear R7000P
Netgear R7960P
Netgear R8000
Netgear Rax35
Netgear Rax40