PT-2022-4902 · NetGear · Netgear Nighthawk Ac1900 Smart Wifi Dual Band Gigabit Router

Published

2022-08-01

Updated

2025-05-27

CVE-2022-37234

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router version R7000-V1.0.11.134 10.2.119

Description The issue is related to a buffer overflow vulnerability caused by the strncpy function in the wl binary of the firmware. This vulnerability can lead to a stack overflow, potentially allowing an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For version R7000-V1.0.11.134 10.2.119, consider disabling the wl binary until a patch is available to prevent potential exploitation of the buffer overflow vulnerability.

Fix

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

BDU:2022-06065

CVE-2022-37234

Affected Products

Netgear Nighthawk Ac1900 Smart Wifi Dual Band Gigabit Router

CVE-2022-37234

Weakness Enumeration

Related Identifiers

Affected Products

References · 9