Main Vulnerability Database Vulnerabilities #VU64815

Input validation error in NETGEAR products - #VU64815

Published: June 30, 2022

Vulnerability identifier: #VU64815

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-20

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
RAXE450
RAXE500
CAX80
EX3700
EX3800
EX6120
EX6130
MK62
MK82
R6700v3
RAX20
RAX15
RAX45
RAX50
RAX43
RAX40v2
RAX38v2
RAX35v2
RAX200
LAX20
RAX80
RAX75
MR60
MR80
MS60
MS80
R6400v2
R7000
R7000P
XR1000

Software vendor:
NETGEAR

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker on the local network can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Remediation

Install updates from vendor's website.

External links

https://kb.netgear.com/000065042/Security-Advisory-for-Denial-of-Service-on-Some-Routers-and-WiFi-Systems-PSV-2021-0141

Input validation error in NETGEAR products - #VU64815

Description

Remediation

External links

Please verify you're human