CVE-2021-34947

Published: May 7, 2024Modified: Aug 14, 2025

8.8

Vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: zdi-disclosures@trendmicro.com (Secondary)

Description

NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the soap_block_table file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-13055.

Affected (41)

Products: Netgear: D7800 Firmware, Ex2700 Firmware, Ex6100 Firmware, Ex6150 Firmware, Ex6200 Firmware, Ex6250 Firmware, Ex6400 Firmware, Ex6400v2 Firmware, Ex6410 Firmware, Ex6420 Firmware, Ex6500v1 Firmware, Ex7300 Firmware, Ex7300v2 Firmware, Ex7320 Firmware, Ex7700 Firmware, Ex8000 Firmware, Lbr1020 Firmware, Lbr20 Firmware, R6700ax Firmware, R7800 Firmware, R8900 Firmware, R9000 Firmware, Rax10 Firmware, Rax120 Firmware, Rax120v2 Firmware, Rax70 Firmware, Rax78 Firmware, Rbr10 Firmware, Rbr20 Firmware, Rbr40 Firmware, Rbr50 Firmware, Rbs10 Firmware, Rbs20 Firmware, Rbs40 Firmware, Rbs50 Firmware, Rbs50y Firmware, Wn3000rpv2 Firmware, Wnr2000v5 Firmware, Xr450 Firmware, Xr500 Firmware, Xr700 Firmware

41 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear D7800 Firmware	Before 1.0.1.64

Running on/with	Platform Versions
Netgear D7800	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex2700 Firmware	Before 1.0.1.66

Running on/with	Platform Versions
Netgear Ex2700	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6100 Firmware	Before 1.0.1.106

Running on/with	Platform Versions
Netgear Ex6100	Version v2

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6150 Firmware	Before 1.0.1.106

Running on/with	Platform Versions
Netgear Ex6150	Version v2

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6200 Firmware	Before 1.0.1.86

Running on/with	Platform Versions
Netgear Ex6200	Version v2

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6250 Firmware	Before 1.0.0.146

Running on/with	Platform Versions
Netgear Ex6250	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6400 Firmware	Before 1.0.2.164

Running on/with	Platform Versions
Netgear Ex6400	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6400v2 Firmware	Before 1.0.0.146

Running on/with	Platform Versions
Netgear Ex6400v2	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6410 Firmware	Before 1.0.0.146

Running on/with	Platform Versions
Netgear Ex6410	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6420 Firmware	Before 1.0.0.146

Running on/with	Platform Versions
Netgear Ex6420	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6500v1 Firmware	Before 1.0.0.146

Running on/with	Platform Versions
Netgear Ex6500v1	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7300 Firmware	Before 1.0.2.164

Running on/with	Platform Versions
Netgear Ex7300	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7300v2 Firmware	Before 1.0.0.146

Running on/with	Platform Versions
Netgear Ex7300v2	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7320 Firmware	Before 1.0.0.146

Running on/with	Platform Versions
Netgear Ex7320	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7700 Firmware	Before 1.0.0.222

Running on/with	Platform Versions
Netgear Ex7700	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex8000 Firmware	Before 1.0.1.238

Running on/with	Platform Versions
Netgear Ex8000	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Lbr1020 Firmware	Before 2.6.5.32

Running on/with	Platform Versions
Netgear Lbr1020	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Lbr20 Firmware	Before 2.6.5.32

Running on/with	Platform Versions
Netgear Lbr20	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R6700ax Firmware	Before 1.0.5.108

Running on/with	Platform Versions
Netgear R6700ax	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R7800 Firmware	Before 1.0.2.84

Running on/with	Platform Versions
Netgear R7800	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R8900 Firmware	Before 1.0.5.36

Running on/with	Platform Versions
Netgear R8900	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R9000 Firmware	Before 1.0.5.36

Running on/with	Platform Versions
Netgear R9000	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rax10 Firmware	Before 1.0.5.108

Running on/with	Platform Versions
Netgear Rax10	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rax120 Firmware	Before 1.2.2.24

Running on/with	Platform Versions
Netgear Rax120	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rax120v2 Firmware	Before 1.2.2.24

Running on/with	Platform Versions
Netgear Rax120v2	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rax70 Firmware	Before 1.0.5.108

Running on/with	Platform Versions
Netgear Rax70	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rax78 Firmware	Before 1.0.5.108

Running on/with	Platform Versions
Netgear Rax78	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr10 Firmware	Before 2.7.4.24

Running on/with	Platform Versions
Netgear Rbr10	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr20 Firmware	Before 2.7.4.24

Running on/with	Platform Versions
Netgear Rbr20	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr40 Firmware	Before 2.7.4.24

Running on/with	Platform Versions
Netgear Rbr40	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr50 Firmware	Before 2.7.4.24

Running on/with	Platform Versions
Netgear Rbr50	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs10 Firmware	Before 2.7.4.24

Running on/with	Platform Versions
Netgear Rbs10	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs20 Firmware	Before 2.7.4.24

Running on/with	Platform Versions
Netgear Rbs20	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs40 Firmware	Before 2.7.4.24

Running on/with	Platform Versions
Netgear Rbs40	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs50 Firmware	Before 2.7.4.24

Running on/with	Platform Versions
Netgear Rbs50	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs50y Firmware	Before 2.7.4.12

Running on/with	Platform Versions
Netgear Rbs50y	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Wn3000rpv2 Firmware	Before 1.0.0.88

Running on/with	Platform Versions
Netgear Wn3000rpv2	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Wnr2000v5 Firmware	Before 1.0.0.78

Running on/with	Platform Versions
Netgear Wnr2000v5	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr450 Firmware	Before 2.3.2.130

Running on/with	Platform Versions
Netgear Xr450	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr500 Firmware	Before 2.3.2.130

Running on/with	Platform Versions
Netgear Xr500	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr700 Firmware	Before 1.0.1.44

Running on/with	Platform Versions
Netgear Xr700	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

https://kb.netgear.com/000064044/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2021-0129

Source: zdi-disclosures@trendmicro.com

Third Party Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-1116/

Source: zdi-disclosures@trendmicro.com

Third Party Advisory

https://kb.netgear.com/000064044/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2021-0129

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-1116/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.