HIGH✓ PATCH🇬🇧 English

CVE-2018-21202

CVSS 8.8v3.1pub. 2020-04-28upd. 2024-11-21

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Netgear D7800

    HW
    Netgear
    wszystkie wersje
  • Netgear D7800 Firmware

    OS
    Netgear
    < 1.0.1.30
  • Netgear R6100

    HW
    Netgear
    wszystkie wersje
  • Netgear R6100 Firmware

    OS
    Netgear
    < 1.0.1.20
  • Netgear R7500

    HW
    Netgear
    v2
  • Netgear R7500 Firmware

    OS
    Netgear
    < 1.0.3.24
  • Netgear R7800

    HW
    Netgear
    wszystkie wersje
  • Netgear R7800 Firmware

    OS
    Netgear
    < 1.0.2.40
  • Netgear R9000

    HW
    Netgear
    wszystkie wersje
  • Netgear R9000 Firmware

    OS
    Netgear
    < 1.0.2.52
  • Netgear Wndr3700

    HW
    Netgear
    v4
  • Netgear Wndr3700 Firmware

    OS
    Netgear
    < 1.0.2.96
  • Netgear Wndr4300

    HW
    Netgear
    v2
  • Netgear Wndr4300 Firmware

    OS
    Netgear
    < 1.0.0.54< 1.0.2.98
  • Netgear Wndr4500

    HW
    Netgear
    v3
  • Netgear Wndr4500 Firmware

    OS
    Netgear
    < 1.0.0.54
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth BypassMemory
CWE
Referencje

Powiązane podatności

CVE-2016-10174CRITICAL9.8⚠ KEVten sam produkt

The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL...

CVE-2025-29044CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w Netgear R6100 umożliwiający zdalne wykonanie kodu

CVE-2021-45619CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects EX6200v...

CVE-2021-45618CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 b...

CVE-2021-38516CRITICAL10.0ten sam produkt

Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 befor...