Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects CBR40 before 2.3.5.12, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.30, R8000 before 1.0.4.52, and WNR3500Lv2 before 1.2.0.62.
References
Link | Resource |
---|---|
https://kb.netgear.com/000064058/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2019-0077 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
History
06 Jan 2022, 20:14
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://kb.netgear.com/000064058/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2019-0077 - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 7.2 |
CPE | cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:* |
|
First Time |
Netgear r7900 Firmware
Netgear r6400 Firmware Netgear r6900p Firmware Netgear r6900p Netgear wnr3500lv2 Netgear d8500 Firmware Netgear Netgear r7900 Netgear r7000 Netgear d7000v2 Netgear d8500 Netgear cbr40 Netgear cbr40 Firmware Netgear wnr3500lv2 Firmware Netgear d7000v2 Firmware Netgear r8000 Netgear r6400 Netgear r7000 Firmware Netgear r7000p Netgear r8000 Firmware Netgear r7000p Firmware |
|
CWE | CWE-120 |
26 Dec 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-26 01:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-45529
Mitre link : CVE-2021-45529
CVE.ORG link : CVE-2021-45529
JSON object : View
Products Affected
netgear
- d8500_firmware
- cbr40
- d8500
- r7000p_firmware
- r7000
- d7000v2_firmware
- r6400
- r7000p
- wnr3500lv2_firmware
- r7900_firmware
- r8000_firmware
- r6400_firmware
- wnr3500lv2
- d7000v2
- r8000
- r7000_firmware
- r6900p
- cbr40_firmware
- r6900p_firmware
- r7900
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')