Lucene search

TenableCVELIST:CVE-2021-20166

HistoryDec 30, 2021 - 9:31 p.m.

CVE-2021-20166

2021-12-3021:31:16

tenable

www.cve.org

netgear

rax43

buffer overrun

vulnerability

url parsing

cgi-bin

router

redirection

control flow

AI Score

9.1

Confidence

High

EPSS

0.004

Percentile

74.3%

JSON

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton.

CNA Affected

[
  {
    "product": "Netgear RAX43",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.3.96"
      }
    ]
  }
]

References

www.tenable.com/security/research/tra-2021-55