← Back

CVE-2022-24655

nvd nist
Published: Mar 18, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.

Affected (4)

Netgear
4 products
Ex6100 Firmware
Ex6200 Firmware
Cax80 Firmware
Dc112a Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ex6100 Firmware
Version 201.0.2.28
Running on/withPlatform Versions
Netgear
Ex6100
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ex6200 Firmware
All versions
Running on/withPlatform Versions
Netgear
Ex6200
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cax80 Firmware
Version 2.1.2.6
Running on/withPlatform Versions
Netgear
Cax80
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dc112a Firmware
Version 1.0.0.62
Running on/withPlatform Versions
Netgear
Dc112a
All versions

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (6)

Source: cve@mitre.org
ExploitPatchThird Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.