Main Vulnerability Database Vulnerabilities #VU76456

Buffer overflow in NETGEAR products - CVE-2023-31070

Published: May 24, 2023 / Updated: March 7, 2025

Vulnerability identifier: #VU76456

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2023-31070

CWE-ID: CWE-119

Exploitation vector: Local access

Exploit availability: Public exploit is available

Vendor: NETGEAR

Affected software:
R6700
R6900
R7000
R7100LG
R7300DST
R7900
R8000
R8300
R8500

Detailed vulnerability description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to a boundary error. A local administrator can trigger memory corruption and execute arbitrary code on the target system.

How to mitigate CVE-2023-31070

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Sources

https://kb.netgear.com/000065667/Security-Advisory-for-Post-authentication-Buffer-Overflow-on-Some-Routers-PSV-2023-0068

Buffer overflow in NETGEAR products - CVE-2023-31070

Detailed vulnerability description

How to mitigate CVE-2023-31070

Sources

Please verify you're human