Description

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.

Related CPE's

o

netgear

rbw30_firmware

Vulnerable

h

netgear

rbw30

-

o

netgear

rbk852_firmware

Vulnerable

h

netgear

rbk852

-

o

netgear

rbk853_firmware

Vulnerable

h

netgear

rbk853

-

o

netgear

rbk854_firmware

Vulnerable

h

netgear

rbk854

-

o

netgear

rbr850_firmware

Vulnerable

h

netgear

rbr850

-

o

netgear

rbs850_firmware

Vulnerable

h

netgear

rbs850

-

o

netgear

rbk752_firmware

Vulnerable

h

netgear

rbk752

-

o

netgear

rbk753_firmware

Vulnerable

h

netgear

rbk753

-

o

netgear

rbk753s_firmware

Vulnerable

h

netgear

rbk753s

-

o

netgear

rbk754_firmware

Vulnerable

h

netgear

rbk754

-

o

netgear

rbr750_firmware

Vulnerable

h

netgear

rbr750

-

o

netgear

rbs750_firmware

Vulnerable

h

netgear

rbs750

-

References

https://kb.netgear.com/000063011/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Routers-PSV-2020-0467

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-787

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

8.4 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-03-23T07:15:13.797

4 years ago

Last modified

2021-03-24T20:27:30.243

4 years ago