CVE-2022-48322

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-48322
NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://kb.netgear.com/000065265/Security-Advisory-for-Pre-authentication-Buffer-Overflow-on-Multiple-Products-PSV-2022-0155 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*
History

23 Feb 2023, 05:14

Type Values Removed Values Added
New CVE
Information

Published : 2023-02-13 05:15

Updated : 2024-02-04 23:14

NVD link : CVE-2022-48322

Mitre link : CVE-2022-48322

CVE.ORG link : CVE-2022-48322

JSON object : View

Products Affected

netgear

  • ms60
  • r8000p
  • r7960p_firmware
  • r6900p
  • r7000p
  • r8000p_firmware
  • r7000p_firmware
  • r6900p_firmware
  • r7960p
  • mr60_firmware
  • mr60
  • ms60_firmware
CWE
CWE-787

Out-of-bounds Write