PT-2023-4729 · NetGear · Netgear R6400V2

Swings

Published 2023-03-15 · Updated 2023-09-07 · CVE-2023-36187

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

NETGEAR R6400v2 versions prior to 1.0.4.118

Description

A buffer overflow in the httpd service of the NETGEAR R6400v2 Wi-Fi router's firmware can be exploited by remote unauthenticated attackers to execute arbitrary code. This can be achieved via a crafted URL sent to the httpd service. Exploitation may allow a remote attacker to execute arbitrary code using a specially crafted malicious web page.

Recommendations

For versions prior to 1.0.4.118, update to version 1.0.4.118 or later to resolve the issue. As a temporary workaround, consider restricting access to the httpd service until a patch is applied. Avoid using crafted URLs that may trigger the buffer overflow vulnerability in the httpd service.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2023-05160
CVE-2023-36187

Affected Products

Netgear R6400V2