Input validation error in NETGEAR products - #VU70563

 

Input validation error in NETGEAR products - #VU70563

Published: January 2, 2023


Vulnerability identifier: #VU70563
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: NETGEAR
Affected software:
CAX80
RAXE450
RAXE500
EX6120
EX6130
MK62
MR60
MS60
R6700v3
RAX45
RAX50
RAX43
RAX40v2
RAX38v2
RAX35v2
LAX20
MK83
MR80
MS80
RAX75
RAX80
R6400v2
R7000
R7000P
R6900P
XR1000

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


Remediation

Install updates from vendor's website.

Sources