HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2018-21203

CVSS 8.8v3.1pub. 2020-04-28upd. 2024-11-21

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6100 before 1.0.1.20, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Netgear R6100

    HW
    Netgear
    wszystkie wersje
  • Netgear R6100 Firmware

    OS
    Netgear
    < 1.0.1.20
  • Netgear R9000

    HW
    Netgear
    wszystkie wersje
  • Netgear R9000 Firmware

    OS
    Netgear
    < 1.0.2.52
  • Netgear Wndr3700

    HW
    Netgear
    v4
  • Netgear Wndr3700 Firmware

    OS
    Netgear
    < 1.0.2.96
  • Netgear Wndr4300

    HW
    Netgear
    v2
  • Netgear Wndr4300 Firmware

    OS
    Netgear
    < 1.0.2.98< 1.0.0.50
  • Netgear Wndr4500

    HW
    Netgear
    v3
  • Netgear Wndr4500 Firmware

    OS
    Netgear
    < 1.0.0.50
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth BypassMemory
CWE
References

Related vulnerabilities

CVE-2016-10174CRITICAL9.8⚠ KEVten sam produkt

The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL...

CVE-2025-29044CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w Netgear R6100 umożliwiający zdalne wykonanie kodu

CVE-2021-45619CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects EX6200v...

CVE-2021-45618CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 b...

CVE-2021-38516CRITICAL10.0ten sam produkt

Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 befor...