Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects DC112A before 1.0.0.52, R6400 before 1.0.1.68, RAX200 before 1.0.3.106, WNDR3400v3 before 1.0.1.38, XR300 before 1.0.3.68, R8500 before 1.0.2.144, RAX75 before 1.0.3.106, R8300 before 1.0.2.144, and RAX80 before 1.0.3.106.
References
Link | Resource |
---|---|
https://kb.netgear.com/000064488/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0323 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
07 Jan 2022, 21:18
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:* |
|
References | (MISC) https://kb.netgear.com/000064488/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0323 - Patch, Vendor Advisory | |
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
26 Dec 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-26 01:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-45611
Mitre link : CVE-2021-45611
CVE.ORG link : CVE-2021-45611
JSON object : View
Products Affected
netgear
- wndr3400v3
- xr300_firmware
- r6400
- xr300
- rax75_firmware
- rax200_firmware
- r8300_firmware
- wndr3400v3_firmware
- r8500_firmware
- rax75
- r6400_firmware
- r8500
- rax80_firmware
- rax80
- dc112a_firmware
- r8300
- rax200
- dc112a
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')