← Back

CVE-2018-21203

nvd nist
Published: Apr 28, 2020Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6100 before 1.0.1.20, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.

Affected (6)

Netgear
5 products
R6100 Firmware
R9000 Firmware
Wndr3700 Firmware
Wndr4300 Firmware
Wndr4500 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R6100 Firmware
Before 1.0.1.20
Running on/withPlatform Versions
Netgear
R6100
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
R9000 Firmware
Before 1.0.2.52
Running on/withPlatform Versions
Netgear
R9000
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wndr3700 Firmware
Before 1.0.2.96
Running on/withPlatform Versions
Netgear
Wndr3700
Version v4
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wndr4300 Firmware
Before 1.0.2.98
Running on/withPlatform Versions
Netgear
Wndr4300
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wndr4300 Firmware
Before 1.0.0.50
Running on/withPlatform Versions
Netgear
Wndr4300
Version v2
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wndr4500 Firmware
Before 1.0.0.50
Running on/withPlatform Versions
Netgear
Wndr4500
Version v3

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.