Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, RAX200 before 1.0.5.126, RAX75 before 1.0.5.126, and RAX80 before 1.0.5.126.
References
Link | Resource |
---|---|
https://kb.netgear.com/000064531/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-PSV-2021-0128 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
07 Jan 2022, 19:25
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
First Time |
Netgear r6900p Firmware
Netgear r6900p Netgear rax80 Netgear rax75 Netgear Netgear rax80 Firmware Netgear r7000 Netgear rax200 Firmware Netgear r6400v2 Firmware Netgear rax75 Firmware Netgear r6700v3 Netgear r6700v3 Firmware Netgear rax200 Netgear r7000 Firmware Netgear r6400v2 Netgear r7000p Netgear r7000p Firmware |
|
References | (MISC) https://kb.netgear.com/000064531/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-PSV-2021-0128 - Patch, Vendor Advisory | |
CPE | cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:* |
26 Dec 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-26 01:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-45607
Mitre link : CVE-2021-45607
CVE.ORG link : CVE-2021-45607
JSON object : View
Products Affected
netgear
- r7000p
- rax80
- r6400v2_firmware
- r6900p_firmware
- r7000_firmware
- r6700v3
- rax200
- r6400v2
- r6900p
- rax200_firmware
- rax75
- r7000p_firmware
- rax80_firmware
- r7000
- rax75_firmware
- r6700v3_firmware
CWE
CWE-787
Out-of-bounds Write