Lucene search

K
cve[email protected]CVE-2023-30280
HistoryApr 26, 2023 - 8:15 p.m.

CVE-2023-30280

2023-04-2620:15:10
CWE-120
web.nvd.nist.gov
13
cve-2023-30280
buffer overflow
netgear
r6900
r6700v3
r6700
remote code execution
dos
fwschedule.cgi
nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.4%

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page.

Affected configurations

NVD
Node
netgearr6900_firmwareMatch1.0.2.26
AND
netgearr6900Match-
Node
netgearr6700_firmwareMatch1.0.0.26
AND
netgearr6700Match-
Node
netgearr6700_firmwareMatch1.0.4.128
AND
netgearr6700Matchv3

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.4%

Related for CVE-2023-30280