Multiple vulnerabilities in NETGEAR Products



| Updated: 2024-07-12
Risk Low
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2022-27642
CVE-2022-27647
CVE-2022-27643
CVE-2022-27645
CVE-2022-27646
CVE-2022-27644
CWE-ID CWE-200
CWE-287
Exploitation vector Local network
Public exploit Public exploit code for vulnerability #6 is available.
Vulnerable software
CAX80
Hardware solutions / Routers & switches, VoIP, GSM, etc

LAX20
Hardware solutions / Routers & switches, VoIP, GSM, etc

MR80
Hardware solutions / Routers & switches, VoIP, GSM, etc

MS80
Hardware solutions / Routers & switches, VoIP, GSM, etc

R6700v3
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX15
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX20
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX35v2
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX38v2
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX40v2
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX42
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX43
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX45
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX48
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX50
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX50S
Hardware solutions / Routers & switches, VoIP, GSM, etc

D7000v2
Hardware solutions / Routers & switches, VoIP, GSM, etc

CBR40
Hardware solutions / Routers & switches, VoIP, GSM, etc

R7100LG
Hardware solutions / Routers for home users

R6400
Hardware solutions / Routers for home users

R6400v2
Hardware solutions / Routers for home users

R6900P
Hardware solutions / Routers for home users

R7000
Hardware solutions / Routers for home users

R7000P
Hardware solutions / Routers for home users

R8500
Hardware solutions / Routers for home users

RS400
Hardware solutions / Routers for home users

D6220
Hardware solutions / Routers for home users

D6400
Hardware solutions / Routers for home users

WNDR3400v3
Hardware solutions / Routers for home users

WNR3500Lv2
Hardware solutions / Routers for home users

XR300
Hardware solutions / Routers for home users

Vendor NETGEAR

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU61586

Risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-27642

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker with access to the local network or WiFi can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CAX80: All versions

LAX20: All versions

R7100LG: All versions

MR80: All versions

MS80: All versions

R6400: All versions

R6400v2: All versions

R6700v3: All versions

R6900P: All versions

R7000: All versions

R7000P: All versions

R8500: All versions

RAX15: All versions

RAX20: All versions

RAX35v2: All versions

RAX38v2: All versions

RAX40v2: All versions

RAX42: All versions

RAX43: All versions

RAX45: All versions

RAX48: All versions

RAX50: All versions

RAX50S: All versions

RS400: All versions

CPE2.3 External links

https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU61588

Risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-27647

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker with access to the local network or WiFi can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CAX80: All versions

LAX20: All versions

R7100LG: All versions

MR80: All versions

MS80: All versions

R6400: All versions

R6400v2: All versions

R6700v3: All versions

R6900P: All versions

R7000: All versions

R7000P: All versions

R8500: All versions

RAX15: All versions

RAX20: All versions

RAX35v2: All versions

RAX38v2: All versions

RAX40v2: All versions

RAX42: All versions

RAX43: All versions

RAX45: All versions

RAX48: All versions

RAX50: All versions

RAX50S: All versions

RS400: All versions

CPE2.3 External links

https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Authentication

EUVDB-ID: #VU61593

Risk: Low

CVSSv4.0: 0.7 [CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: N/A

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

R7100LG: All versions

R6400: All versions

R6400v2: All versions

R6700v3: All versions

CPE2.3 External links

https://kb.netgear.com/000064719/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0321


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Authentication

EUVDB-ID: #VU61592

Risk: Low

CVSSv4.0: 1.8 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-27643

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

D6220: All versions

D6400: All versions

D7000v2: All versions

R7100LG: All versions

R6400: All versions

R6400v2: All versions

R6700v3: All versions

R6900P: All versions

R7000: All versions

R7000P: All versions

R8500: All versions

RS400: All versions

WNDR3400v3: All versions

WNR3500Lv2: All versions

XR300: All versions

CPE2.3 External links

https://kb.netgear.com/000064720/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0323


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information disclosure

EUVDB-ID: #VU61591

Risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-27645

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker with access to the local network or WiFi can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

LAX20: All versions

R6400v2: All versions

R6700v3: All versions

R7000: All versions

R8500: All versions

RAX15: All versions

RAX20: All versions

RAX35v2: All versions

RAX38v2: All versions

RAX40v2: All versions

RAX42: All versions

RAX43: All versions

RAX45: All versions

RAX48: All versions

RAX50: All versions

RAX50S: All versions

CPE2.3 External links

https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper Authentication

EUVDB-ID: #VU61590

Risk: Low

CVSSv4.0: 3.3 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2022-27646

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: Yes

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CBR40: All versions

R6400v2: All versions

R6700v3: All versions

R6900P: All versions

R7000: All versions

R7000P: All versions

RS400: All versions

CPE2.3 External links

https://kb.netgear.com/000064721/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0324


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

7) Improper Authentication

EUVDB-ID: #VU61589

Risk: Low

CVSSv4.0: 1.8 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-27644

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CBR40: All versions

R6400v2: All versions

R6700v3: All versions

R6900P: All versions

R7000: All versions

R7000P: All versions

RS400: All versions

CPE2.3 External links

https://kb.netgear.com/000064721/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0324


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###