Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400 before 1.0.1.68, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7900 before 1.0.4.38, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, and XR300 before 1.0.3.50.
References
Link | Resource |
---|---|
https://kb.netgear.com/000064072/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-PSV-2019-0214 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
05 Jan 2022, 20:46
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
First Time |
Netgear r7900 Firmware
Netgear r6400 Firmware Netgear r6900p Firmware Netgear r6900p Netgear xr300 Netgear rax80 Netgear rax75 Netgear Netgear r7900 Netgear rax80 Firmware Netgear r7000 Netgear xr300 Firmware Netgear rax75 Firmware Netgear r6400 Netgear r7000 Firmware Netgear r7000p Netgear r7000p Firmware |
|
References | (MISC) https://kb.netgear.com/000064072/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-PSV-2019-0214 - Patch, Vendor Advisory | |
CWE | CWE-787 | |
CPE | cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:* |
26 Dec 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-26 01:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-45605
Mitre link : CVE-2021-45605
CVE.ORG link : CVE-2021-45605
JSON object : View
Products Affected
netgear
- r7000
- rax75
- r7000_firmware
- rax75_firmware
- rax80
- rax80_firmware
- xr300
- r6400
- r7000p
- r6900p
- r6400_firmware
- r6900p_firmware
- r7900_firmware
- xr300_firmware
- r7000p_firmware
- r7900
CWE
CWE-787
Out-of-bounds Write