#VU70561 Buffer overflow in NETGEAR products

Cybersecurity Help s.r.o.

Published: 2023-01-02

Vulnerability identifier: #VU70561

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: N/A

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vendor: NETGEAR

Description

The vulnerability allows a remote attacker to perform a denial of servie (DoS) attack.

The vulnerability exists due to a boundary error. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

RAXE500: before 1.0.11.94

RAXE450: before 1.0.11.94

LAX20: before 1.1.6.34

MK83: before 1.1.6.14

MR80: before 1.1.6.14

MS80: before 1.1.6.14

RAX42: before 1.0.10.110

RAX43: before 1.0.10.110

RAX48: before 1.0.10.110

RAX45: before 1.0.10.110

RAX50: before 1.0.10.110

RAX50S: before 1.0.10.110

RAX38v2: before 1.0.10.110

RAX35v2: before 1.0.10.110

RAX40v2: before 1.0.10.110

EX6120: before 1.0.0.68

EX6130: before 1.0.0.48

XR1000: before 1.0.0.64

MK72: before 1.0.2.26

MR70: before 1.0.2.26

MS70: before 1.0.2.26

MK62: before 1.1.6.124

MR60: before 1.1.6.124

MS60: before 1.1.6.124

External links
https://kb.netgear.com/000065492/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2021-0275

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in NETGEAR Routers, Extenders and WiFi Systems