Lucene search

MitreCVE-2023-36187

HistorySep 01, 2023 - 4:15 p.m.

CVE-2023-36187

2023-09-0116:15:08

CWE-120

mitre

web.nvd.nist.gov

cve-2023-36187

buffer overflow

netgear r6400v2

remote code execution

security vulnerability

nvd

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.004

Percentile

73.4%

JSON

Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.

Affected configurations

Nvd

Node

netgearcbr40_firmwareRange<2.5.0.24

AND

netgearcbr40Match-

Node

netgearlax20_firmwareRange<1.1.6.34

AND

netgearlax20Match-

Node

netgearmk62_firmwareRange<1.1.6.122

AND

netgearmk62Match-

Node

netgearmr60_firmwareRange<1.1.6.122

AND

netgearmr60Match-

Node

netgearms60_firmwareRange<1.1.6.122

AND

netgearms60Match-

Node

netgearrbw30_firmwareRange<2.6.2.6

AND

netgearrbw30Match-

Node

netgearr6400_firmwareRange<1.0.1.70

AND

netgearr6400Match-

Node

netgearr6400v2_firmwareRange<1.0.4.118

AND

netgearr6400v2Match-

Node

netgearr6700v3_firmwareRange<1.0.4.118

AND

netgearr6700v3Match-

Node

netgearr7000_firmwareRange<1.0.11.130

AND

netgearr7000Match-

Node

netgearr7000p_firmwareRange<1.3.3.148

AND

netgearr7000pMatch-

Node

netgearrax200_firmwareRange<1.0.4.120

AND

netgearrax200Match-

Node

netgearrax75_firmwareRange<1.0.4.120

AND

netgearrax75Match-

Node

netgearrax80_firmwareRange<1.0.4.120

AND

netgearrax80Match-

Node

netgearrs400_firmwareRange<1.5.1.86

AND

netgearrs400Match-

VendorProductVersionCPE
netgearcbr40_firmware*cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*
netgearcbr40-cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*
netgearlax20_firmware*cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*
netgearlax20-cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*
netgearmk62_firmware*cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*
netgearmk62-cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*
netgearmr60_firmware*cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*
netgearmr60-cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*
netgearms60_firmware*cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*
netgearms60-cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	cbr40_firmware	*	cpe:2.3:o:netgear:cbr40_firmware::::::::
netgear	cbr40	-	cpe:2.3:h:netgear:cbr40:-:::::::*
netgear	lax20_firmware	*	cpe:2.3:o:netgear:lax20_firmware::::::::
netgear	lax20	-	cpe:2.3:h:netgear:lax20:-:::::::*
netgear	mk62_firmware	*	cpe:2.3:o:netgear:mk62_firmware::::::::
netgear	mk62	-	cpe:2.3:h:netgear:mk62:-:::::::*
netgear	mr60_firmware	*	cpe:2.3:o:netgear:mr60_firmware::::::::
netgear	mr60	-	cpe:2.3:h:netgear:mr60:-:::::::*
netgear	ms60_firmware	*	cpe:2.3:o:netgear:ms60_firmware::::::::
netgear	ms60	-	cpe:2.3:h:netgear:ms60:-:::::::*

Rows per page:

1-10 of 301

References

kb.netgear.com/000065571/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0578

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.004

Percentile

73.4%

JSON

Related for CVE-2023-36187