CVE-2022-27641

Published: Mar 29, 2023Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15806.

Affected (9)

Products: Netgear: D7800 Firmware, Ex6200 Firmware, Ex8000 Firmware, R6220 Firmware, R6230 Firmware, R6400 Firmware, R6700 Firmware, R7000 Firmware, R7800 Firmware

9 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear D7800 Firmware	Before 1.0.1.68

Running on/with	Platform Versions
Netgear D7800	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6200 Firmware	Before 1.0.1.90

Running on/with	Platform Versions
Netgear Ex6200	Version v2

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex8000 Firmware	Before 1.0.1.240

Running on/with	Platform Versions
Netgear Ex8000	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R6220 Firmware	Before 1.1.0.112

Running on/with	Platform Versions
Netgear R6220	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R6230 Firmware	Before 1.1.0.112

Running on/with	Platform Versions
Netgear R6230	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R6400 Firmware	Before 1.0.4.122

Running on/with	Platform Versions
Netgear R6400	Version v2

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R6700 Firmware	Before 1.0.4.122

Running on/with	Platform Versions
Netgear R6700	Version v3

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R7000 Firmware	Before 1.0.11.130

Running on/with	Platform Versions
Netgear R7000	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R7800 Firmware	Before 1.0.2.90

Running on/with	Platform Versions
Netgear R7800	All versions

Related CWEs

CWE-190

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (4)

https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278

Source: zdi-disclosures@trendmicro.com

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-22-544/

Source: zdi-disclosures@trendmicro.com

Third Party AdvisoryVDB Entry

https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-22-544/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.