PT-2023-26688 · NetGear · Netgear Dgn3500

Published

2023-08-07

Updated

2023-08-09

CVE-2023-38924

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Netgear DGN3500 version 1.1.00.37

Description A buffer overflow issue was discovered via the http password parameter at the "setup.cgi" endpoint.

Recommendations For Netgear DGN3500 version 1.1.00.37, avoid using the http password parameter in the "setup.cgi" endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2023-38924

Affected Products

Netgear Dgn3500

PT-2023-26688 · NetGear · Netgear Dgn3500

CVE-2023-38924

Weakness Enumeration

Related Identifiers

Affected Products

References · 5