Multiple vulnerabilities in NETGEAR Products



Published: 2022-03-24
Risk Low
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2022-27642
CVE-2022-27647
CVE-2022-27643
CVE-2022-27645
CVE-2022-27646
CVE-2022-27644
CWE-ID CWE-200
CWE-287
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe
CAX80
Hardware solutions / Routers & switches, VoIP, GSM, etc

LAX20
Hardware solutions / Routers & switches, VoIP, GSM, etc

MR80
Hardware solutions / Routers & switches, VoIP, GSM, etc

MS80
Hardware solutions / Routers & switches, VoIP, GSM, etc

R6700v3
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX15
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX20
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX35v2
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX38v2
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX40v2
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX42
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX43
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX45
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX48
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX50
Hardware solutions / Routers & switches, VoIP, GSM, etc

RAX50S
Hardware solutions / Routers & switches, VoIP, GSM, etc

D7000v2
Hardware solutions / Routers & switches, VoIP, GSM, etc

CBR40
Hardware solutions / Routers & switches, VoIP, GSM, etc

R7100LG
Hardware solutions / Routers for home users

R6400
Hardware solutions / Routers for home users

R6400v2
Hardware solutions / Routers for home users

R6900P
Hardware solutions / Routers for home users

R7000
Hardware solutions / Routers for home users

R7000P
Hardware solutions / Routers for home users

R8500
Hardware solutions / Routers for home users

RS400
Hardware solutions / Routers for home users

D6220
Hardware solutions / Routers for home users

D6400
Hardware solutions / Routers for home users

WNDR3400v3
Hardware solutions / Routers for home users

WNR3500Lv2
Hardware solutions / Routers for home users

XR300
Hardware solutions / Routers for home users

Vendor

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU61586

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27642

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker with access to the local network or WiFi can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CAX80: before 2.1.3.7

LAX20: before 1.1.6.34

R7100LG: before 1.0.0.76

MR80: before 1.1.6.14

MS80: before 1.1.6.14

R6400: before 1.0.1.78

R6400v2: before 1.0.4.126

R6700v3: before 1.0.4.126

R6900P: before 1.3.3.148

R7000: before 1.0.11.134

R7000P: before 1.3.3.148

R8500: before 1.0.2.158

RAX15: before 1.0.10.110

RAX20: before 1.0.10.110

RAX35v2: before 1.0.10.110

RAX38v2: before 1.0.10.110

RAX40v2: before 1.0.10.110

RAX42: before 1.0.10.110

RAX43: before 1.0.10.110

RAX45: before 1.0.10.110

RAX48: before 1.0.10.110

RAX50: before 1.0.10.110

RAX50S: before 1.0.10.110

RS400: before 1.5.1.86

External links

http://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU61588

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27647

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker with access to the local network or WiFi can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CAX80: before 2.1.3.7

LAX20: before 1.1.6.34

R7100LG: before 1.0.0.76

MR80: before 1.1.6.14

MS80: before 1.1.6.14

R6400: before 1.0.1.78

R6400v2: before 1.0.4.126

R6700v3: before 1.0.4.126

R6900P: before 1.3.3.148

R7000: before 1.0.11.134

R7000P: before 1.3.3.148

R8500: before 1.0.2.158

RAX15: before 1.0.10.110

RAX20: before 1.0.10.110

RAX35v2: before 1.0.10.110

RAX38v2: before 1.0.10.110

RAX40v2: before 1.0.10.110

RAX42: before 1.0.10.110

RAX43: before 1.0.10.110

RAX45: before 1.0.10.110

RAX48: before 1.0.10.110

RAX50: before 1.0.10.110

RAX50S: before 1.0.10.110

RS400: before 1.5.1.86

External links

http://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Authentication

EUVDB-ID: #VU61593

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

R7100LG: before 1.0.0.76

R6400: before 1.0.1.78

R6400v2: before 1.0.4.126

R6700v3: before 1.0.4.126

External links

http://kb.netgear.com/000064719/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0321


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Authentication

EUVDB-ID: #VU61592

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27643

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

D6220: before 1.0.0.80

D6400: before 1.0.0.114

D7000v2: before 1.0.0.80

R7100LG: before 1.0.0.76

R6400: before 1.0.1.78

R6400v2: before 1.0.4.126

R6700v3: before 1.0.4.126

R6900P: before 1.3.3.148

R7000: before 1.0.11.134

R7000P: before 1.3.3.148

R8500: before 1.0.2.158

RS400: before 1.5.1.86

WNDR3400v3: before 1.0.1.44

WNR3500Lv2: before 1.2.0.72

XR300: before 1.2.0.72

External links

http://kb.netgear.com/000064720/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0323


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information disclosure

EUVDB-ID: #VU61591

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27645

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker with access to the local network or WiFi can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

LAX20: before 1.1.6.34

R6400v2: before 1.0.4.126

R6700v3: before 1.0.4.126

R7000: before 1.0.11.134

R8500: before 1.0.2.158

RAX15: before 1.0.10.110

RAX20: before 1.0.10.110

RAX35v2: before 1.0.10.110

RAX38v2: before 1.0.10.110

RAX40v2: before 1.0.10.110

RAX42: before 1.0.10.110

RAX43: before 1.0.10.110

RAX45: before 1.0.10.110

RAX48: before 1.0.10.110

RAX50: before 1.0.10.110

RAX50S: before 1.0.10.110

External links

http://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper Authentication

EUVDB-ID: #VU61590

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27646

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CBR40: before 2.5.0.28

R6400v2: before 1.0.4.126

R6700v3: before 1.0.4.126

R6900P: before 1.3.3.148

R7000: before 1.0.11.134

R7000P: before 1.3.3.148

RS400: before 1.5.1.86

External links

http://kb.netgear.com/000064721/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0324


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper Authentication

EUVDB-ID: #VU61589

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27644

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

CBR40: before 2.5.0.28

R6400v2: before 1.0.4.126

R6700v3: before 1.0.4.126

R6900P: before 1.3.3.148

R7000: before 1.0.11.134

R7000P: before 1.3.3.148

RS400: before 1.5.1.86

External links

http://kb.netgear.com/000064721/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0324


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###