Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
| AND |
|
History
21 Nov 2024, 08:09
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://kb.netgear.com/000065571/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0578 - Vendor Advisory |
07 Sep 2023, 17:05
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://kb.netgear.com/000065571/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0578 - Vendor Advisory | |
| First Time |
Netgear rbw30 Firmware
Netgear r7000p Firmware Netgear lax20 Firmware Netgear rax80 Firmware Netgear mr60 Firmware Netgear rax200 Firmware Netgear cbr40 Firmware Netgear r6400 Firmware Netgear mr60 Netgear cbr40 Netgear Netgear rax75 Netgear rs400 Firmware Netgear rs400 Netgear r7000 Netgear r6400v2 Netgear lax20 Netgear r6700v3 Netgear rax75 Firmware Netgear rax200 Netgear ms60 Netgear r6700v3 Firmware Netgear rbw30 Netgear r6400 Netgear r7000p Netgear mk62 Firmware Netgear mk62 Netgear r7000 Firmware Netgear r6400v2 Firmware Netgear rax80 Netgear ms60 Firmware |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| CWE | CWE-120 | |
| CPE | cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:* |
01 Sep 2023, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-09-01 16:15
Updated : 2024-11-21 08:09
NVD link : CVE-2023-36187
Mitre link : CVE-2023-36187
CVE.ORG link : CVE-2023-36187
JSON object : View
Products Affected
netgear
- cbr40
- ms60
- r6700v3_firmware
- mr60_firmware
- r7000p_firmware
- r6400v2_firmware
- rax75_firmware
- mr60
- r6700v3
- r6400v2
- rs400
- rbw30
- mk62_firmware
- rax200_firmware
- r6400_firmware
- r7000_firmware
- rax80_firmware
- cbr40_firmware
- rax75
- ms60_firmware
- lax20_firmware
- rax200
- rs400_firmware
- r7000p
- r6400
- rax80
- r7000
- rbw30_firmware
- lax20
- mk62
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')