CVE-2024-12988

Published: Dec 27, 2024Modified: May 28, 2025

6.9

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: CNA (Secondary)

Description

A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Affected (2)

Products: Netgear: R6900p Firmware, R7000p Firmware

2 products

R6900p Firmware

R7000p Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R6900p Firmware	Version 1.3.3.154

Running on/with	Platform Versions
Netgear R6900p	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R7000p Firmware	Version 1.3.3.154

Running on/with	Platform Versions
Netgear R7000p	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (7)

https://github.com/physicszq/Routers/tree/main/Netgear/1.3.3.154

Source: cna@vuldb.com

ExploitThird Party Advisory

https://vuldb.com/?ctiid.289381

Source: cna@vuldb.com

Permissions RequiredVDB Entry

https://vuldb.com/?id.289381

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.462781

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://www.netgear.com/

Source: cna@vuldb.com

Product

https://www.netgear.com/about/eos/

Source: cna@vuldb.com

Product

https://github.com/physicszq/Routers/tree/main/Netgear/1.3.3.154

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

ExploitThird Party Advisory

Timeline

No history available yet.