This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15806.
References
Link | Resource |
---|---|
https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-22-544/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
05 Apr 2023, 15:42
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-544/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278 - Vendor Advisory | |
CPE | cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:* cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:* cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:* |
|
First Time |
Netgear r7800
Netgear d7800 Netgear r6400 Netgear r6230 Netgear ex8000 Firmware Netgear r7800 Firmware Netgear r7000 Netgear d7800 Firmware Netgear r6230 Firmware Netgear r6700 Netgear r6400 Firmware Netgear ex6200 Netgear r6220 Netgear ex8000 Netgear r6700 Firmware Netgear ex6200 Firmware Netgear Netgear r6220 Firmware Netgear r7000 Firmware |
29 Mar 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-29 19:15
Updated : 2023-12-10 15:01
NVD link : CVE-2022-27641
Mitre link : CVE-2022-27641
CVE.ORG link : CVE-2022-27641
JSON object : View
Products Affected
netgear
- r6700_firmware
- r6230_firmware
- d7800
- ex8000_firmware
- r6220
- ex8000
- r7800
- r6400
- ex6200_firmware
- r6220_firmware
- r7800_firmware
- r7000
- ex6200
- r6700
- r7000_firmware
- d7800_firmware
- r6400_firmware
- r6230
CWE
CWE-190
Integer Overflow or Wraparound