Denial of service in NETGEAR Routers and WiFi Systems



Published: 2024-01-08
Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: N/A
CWE-ID: CWE-121
Exploitation vector: Local
Public exploit: N/A
Vulnerable software

MR80, MS80, MK82, CBR750, RBRE960, RBSE960, RBKE962, MR70, MS70, MK72, MR60, MS60, MK62, RAX38v2, RAX48, RAX43, RAX50, RAX35v2, RAX45, RAX40v2, RAX50S, RAX42, RAXE500, RAXE450, RBR750, RBS750, RBK752, RBR850, RBS850, RBK852, RBR840, RBS840, RBK842

Category (all products): Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor

Security Bulletin

This security bulletin contains one low-risk vulnerability.

1) Stack-based buffer overflow

EUVDB-ID: #VU85062

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: N/A

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error. A local attacker with administrator privileges can trigger a stack-based buffer overflow and cause a denial of service condition on the target system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

MR80: before 1.1.7.12

MS80: before 1.1.7.12

MK82: before 1.1.7.12

CBR750: before 4.6.14.4

RBRE960: before 7.2.6.21

RBSE960: before 7.2.6.21

RBKE962: before 7.2.6.21

MR70: before 7.0.2.26

MS70: before 7.0.2.26

MK72: before 7.0.2.26

MR60: before 1.1.6.124

MS60: before 1.1.6.124

MK62: before 1.1.6.124

RAX38v2: before 1.0.11.112

RAX48: before 1.0.11.112

RAX43: before 1.0.11.112

RAX50: before 1.0.11.112

RAX35v2: before 1.0.11.112

RAX45: before 1.0.11.112

RAX40v2: before 1.0.11.112

RAX50S: before 1.0.11.112

RAX42: before 1.0.11.112

RAXE500: before 1.0.10.82

RAXE450: before 1.0.10.82

RBR750: before 4.6.9.11

RBS750: before 4.6.9.11

RBK752: before 4.6.9.11

RBR850: before 4.6.9.11

RBS850: before 4.6.9.11

RBK852: before 4.6.9.11

RBR840: before 4.6.9.11

RBS840: before 4.6.9.11

RBK842: before 4.6.9.11

External links

http://kb.netgear.com/000065939/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2019-0222


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


