CVE-2018-21172
6.8
Vector
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.9 / Impact: 5.9
Source: NVD
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7800 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear R9000 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.92 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr3700 | Version v4 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.94 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4300 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.50 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4300 | Version v2 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.50 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4500 | Version v3 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.62 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2000 | Version v5 |
References (2)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.