Main Vulnerability Database SB2024010816

SB2024010816 - Denial of service in NETGEAR Routers and WiFi Systems

Published: January 8, 2024

Security Bulletin ID SB2024010816

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Stack-based buffer overflow (CVE-ID: N/A)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error. A local administrator attacker can trigger stack-based buffer overflow and cause a denial of service condition on the target system.

Remediation

Install update from vendor's website.

References

https://kb.netgear.com/000065939/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2019-0222

Vulnerable Software

MR80: before 1.1.7.12
MS80: before 1.1.7.12
MK82: before 1.1.7.12
CBR750: before 4.6.14.4
RBRE960: before 7.2.6.21
RBSE960: before 7.2.6.21
RBKE962: before 7.2.6.21
MR70: before 7.0.2.26
MS70: before 7.0.2.26
MK72: before 7.0.2.26
MR60: before 1.1.6.124
MS60: before 1.1.6.124
MK62: before 1.1.6.124
RAX38v2: before 1.0.11.112
RAX48: before 1.0.11.112
RAX43: before 1.0.11.112
RAX50: before 1.0.11.112
RAX35v2: before 1.0.11.112
RAX45: before 1.0.11.112
RAX40v2: before 1.0.11.112
RAX50S: before 1.0.11.112
RAX42: before 1.0.11.112
RAXE500: before 1.0.10.82
RAXE450: before 1.0.10.82
RBR750: before 4.6.9.11
RBS750: before 4.6.9.11
RBK752: before 4.6.9.11
RBR850: before 4.6.9.11
RBS850: before 4.6.9.11
RBK852: before 4.6.9.11
RBR840: before 4.6.9.11
RBS840: before 4.6.9.11
RBK842: before 4.6.9.11

SB2024010816 - Denial of service in NETGEAR Routers and WiFi Systems

Breakdown by Severity

Description

Remediation

References

Please verify you're human