Denial of service in NETGEAR Routers, Extenders and WiFi Systems

Published: 2023-01-02

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	N/A
CWE-ID	CWE-119
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	RAXE500 Hardware solutions / Routers & switches, VoIP, GSM, etc RAXE450 Hardware solutions / Routers & switches, VoIP, GSM, etc LAX20 Hardware solutions / Routers & switches, VoIP, GSM, etc MK83 Hardware solutions / Routers & switches, VoIP, GSM, etc MR80 Hardware solutions / Routers & switches, VoIP, GSM, etc MS80 Hardware solutions / Routers & switches, VoIP, GSM, etc RAX42 Hardware solutions / Routers & switches, VoIP, GSM, etc RAX43 Hardware solutions / Routers & switches, VoIP, GSM, etc RAX48 Hardware solutions / Routers & switches, VoIP, GSM, etc RAX45 Hardware solutions / Routers & switches, VoIP, GSM, etc RAX50 Hardware solutions / Routers & switches, VoIP, GSM, etc RAX50S Hardware solutions / Routers & switches, VoIP, GSM, etc RAX38v2 Hardware solutions / Routers & switches, VoIP, GSM, etc RAX35v2 Hardware solutions / Routers & switches, VoIP, GSM, etc RAX40v2 Hardware solutions / Routers & switches, VoIP, GSM, etc EX6120 Hardware solutions / Routers & switches, VoIP, GSM, etc EX6130 Hardware solutions / Routers & switches, VoIP, GSM, etc MK72 Hardware solutions / Routers & switches, VoIP, GSM, etc MR70 Hardware solutions / Routers & switches, VoIP, GSM, etc MS70 Hardware solutions / Routers & switches, VoIP, GSM, etc MK62 Hardware solutions / Routers & switches, VoIP, GSM, etc MR60 Hardware solutions / Routers & switches, VoIP, GSM, etc MS60 Hardware solutions / Routers & switches, VoIP, GSM, etc XR1000 Hardware solutions / Routers for home users
Vendor

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Buffer overflow

EUVDB-ID: #VU70561

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of servie (DoS) attack.

The vulnerability exists due to a boundary error. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

RAXE500: before 1.0.11.94

RAXE450: before 1.0.11.94

LAX20: before 1.1.6.34

MK83: before 1.1.6.14

MR80: before 1.1.6.14

MS80: before 1.1.6.14

RAX42: before 1.0.10.110

RAX43: before 1.0.10.110

RAX48: before 1.0.10.110

RAX45: before 1.0.10.110

RAX50: before 1.0.10.110

RAX50S: before 1.0.10.110

RAX38v2: before 1.0.10.110

RAX35v2: before 1.0.10.110

RAX40v2: before 1.0.10.110

EX6120: before 1.0.0.68

EX6130: before 1.0.0.48

XR1000: before 1.0.0.64

MK72: before 1.0.2.26

MR70: before 1.0.2.26

MS70: before 1.0.2.26

MK62: before 1.1.6.124

MR60: before 1.1.6.124

MS60: before 1.1.6.124

External links

http://kb.netgear.com/000065492/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2021-0275

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.