Lucene search

[email protected]CVE-2022-48322

HistoryFeb 13, 2023 - 5:15 a.m.

CVE-2022-48322

2023-02-1305:15:13

CWE-787

[email protected]

web.nvd.nist.gov

netgear

nighthawk

wifi

mesh

stack-based buffer overflow

vulnerability

cve-2022-48322

mr60

ms60

r6900p

r7000p

r7960p

r8000p

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.8%

JSON

NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.

Affected configurations

NVD

Node

netgearmr60Match-

AND

netgearmr60_firmwareRange<1.1.7.132

Node

netgearms60Match-

AND

netgearms60_firmwareRange<1.1.7.132

Node

netgearr6900pMatch-

AND

netgearr6900p_firmwareRange<1.3.3.154

Node

netgearr7000pMatch-

AND

netgearr7000p_firmwareRange<1.3.3.154

Node

netgearr7960pMatch-

AND

netgearr7960p_firmwareRange<1.4.4.94

Node

netgearr8000pMatch-

AND

netgearr8000p_firmwareRange<1.4.4.94

CPENameOperatorVersion
netgear:mr60_firmwarenetgear mr60 firmwarelt1.1.7.132

CPE	Name	Operator	Version
netgear:mr60_firmware	netgear mr60 firmware	lt	1.1.7.132

References

kb.netgear.com/000065265/Security-Advisory-for-Pre-authentication-Buffer-Overflow-on-Multiple-Products-PSV-2022-0155

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.8%

JSON

Related for CVE-2022-48322

prion1 cvelist1 nvd1