HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2018-21211

CVSS 8.8v3.1pub. 2020-04-28upd. 2024-11-21

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Netgear D3600

    HW
    Netgear
    wszystkie wersje
  • Netgear D3600 Firmware

    OS
    Netgear
    < 1.0.0.67
  • Netgear D6000

    HW
    Netgear
    wszystkie wersje
  • Netgear D6000 Firmware

    OS
    Netgear
    < 1.0.0.67
  • Netgear D6100

    HW
    Netgear
    wszystkie wersje
  • Netgear D6100 Firmware

    OS
    Netgear
    < 1.0.0.56
  • Netgear D7800

    HW
    Netgear
    wszystkie wersje
  • Netgear D7800 Firmware

    OS
    Netgear
    < 1.0.1.30
  • Netgear R7500

    HW
    Netgear
    v2
  • Netgear R7500 Firmware

    OS
    Netgear
    < 1.0.0.118< 1.0.3.24
  • Netgear R7800

    HW
    Netgear
    wszystkie wersje
  • Netgear R7800 Firmware

    OS
    Netgear
    < 1.0.2.40
  • Netgear R9000

    HW
    Netgear
    wszystkie wersje
  • Netgear R9000 Firmware

    OS
    Netgear
    < 1.0.2.52
  • Netgear Wndr3700

    HW
    Netgear
    v4
  • Netgear Wndr3700 Firmware

    OS
    Netgear
    < 1.0.2.96
  • Netgear Wndr4300

    HW
    Netgear
    v2
  • Netgear Wndr4300 Firmware

    OS
    Netgear
    < 1.0.0.50< 1.0.2.98
  • Netgear Wndr4500

    HW
    Netgear
    v3
  • Netgear Wndr4500 Firmware

    OS
    Netgear
    < 1.0.0.50
  • Netgear Wnr2000

    HW
    Netgear
    v5
  • Netgear Wnr2000 Firmware

    OS
    Netgear
    < 1.0.0.62
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth BypassMemory
CWE
References

Related vulnerabilities

CVE-2017-6862CRITICAL9.8⚠ KEVten sam produkt

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0...

CVE-2016-10174CRITICAL9.8⚠ KEVten sam produkt

The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL...

CVE-2023-50089CRITICAL9.8PL ✓ten sam produkt

Command Injection w NETGEAR WNR2000v4 przez SOAP over HTTP

CVE-2021-45618CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 b...

CVE-2021-45619CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects EX6200v...