This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15806.
References
| Link | Resource |
|---|---|
| https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278 | Vendor Advisory |
| https://www.zerodayinitiative.com/advisories/ZDI-22-544/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
History
05 Apr 2023, 15:42
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Netgear r6700 Firmware
Netgear ex8000 Firmware Netgear r6230 Netgear r7000 Netgear r6400 Netgear r7800 Netgear ex6200 Netgear ex8000 Netgear d7800 Netgear r7000 Firmware Netgear r6220 Firmware Netgear r6220 Netgear d7800 Firmware Netgear r6230 Firmware Netgear r6400 Firmware Netgear ex6200 Firmware Netgear r6700 Netgear Netgear r7800 Firmware |
|
| CPE | cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:* cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:* |
|
| References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-544/ - Third Party Advisory, VDB Entry | |
| References | (MISC) https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
Information
Published : 2023-03-29 19:15
Updated : 2023-04-05 15:42
NVD link : CVE-2022-27641
Mitre link : CVE-2022-27641
JSON object : View
Products Affected
netgear
- r6230
- ex6200
- r6700_firmware
- ex8000
- ex8000_firmware
- r6220
- r7000
- d7800_firmware
- ex6200_firmware
- r7800_firmware
- r6400
- r6220_firmware
- r6400_firmware
- r7000_firmware
- r6230_firmware
- d7800
- r7800
- r6700
CWE
CWE-190
Integer Overflow or Wraparound