Main Vulnerability Database SB2022041102

SB2022041102 - Denial of service in NETGEAR Routers

Published: April 11, 2022

Security Bulletin ID SB2022041102

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow (CVE-ID: N/A)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.

Remediation

Install update from vendor's website.

References

https://kb.netgear.com/000064817/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2021-0272

Vulnerable Software

AC2100: before 1.2.0.90
AC2400: before 1.2.0.90
AC2600: before 1.2.0.90
D7000: before 1.0.1.84
R6120: before 1.0.0.82
R6220: before 1.1.0.112
R6230: before 1.1.0.112
R6260: before 1.1.0.86
R6330: before 1.1.0.86
R6350: before 1.1.0.86
R6700v2: before 1.2.0.90
R6850: before 1.1.0.86
R6900v2: before 1.2.0.90
R7200: before 1.2.0.90
R7350: before 1.2.0.90
R7400: before 1.2.0.90
R7450: before 1.2.0.90

SB2022041102 - Denial of service in NETGEAR Routers

Breakdown by Severity

Description

Remediation

References

Please verify you're human