CVE-2024-52016

Name of the Vulnerable Software and Affected Versions Netgear R8500 version 1.0.2.160 Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128

Description The issue is related to multiple stack overflow vulnerabilities in the wlg adv.cgi component of Netgear routers. These vulnerabilities can be exploited via the apmode dns1 pri and apmode dns1 sec parameters, allowing attackers to cause a Denial of Service (DoS) via a crafted POST request to the vulnerable API endpoint. The vulnerability is due to a lack of input size validation when handling these parameters, which can lead to buffer overflow.

Recommendations For Netgear R8500 version 1.0.2.160, update to a newer version that contains a fix for this issue. For Netgear XR300 version 1.0.3.78, update to a newer version that contains a fix for this issue. For Netgear R7000P version 1.3.3.154, update to a newer version that contains a fix for this issue. For Netgear R6400 v2 version 1.0.4.128, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the wlg adv.cgi component to minimize the risk of exploitation. Avoid using the apmode dns1 pri and apmode dns1 sec parameters in the affected API endpoint until the issue is resolved.