CVE-2022-27642

🗓️ 29 Mar 2023 19:15:08Reported by [email protected]Type

Vulnerability in NETGEAR R6700v3 routers allows unauthenticated access and code execution

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of httpd-demon in NETGEAR’s integrated router software—NETGEAR R6400, NETGEAR R6400v2, NETGEAR R6700v3, NETGEAR R6900P, NETGEAR R7000, NETGEAR R7000P, NETGEAR R8500, NETGEAR RAX15, NETGEAR RAX20, NETGEAR RAX35v2, NETGEAR RAX38v2, NETGEAR RAX40v2, NETGEAR RAX42, NETGEAR RAX43, NETGEAR RAX45, NETGEAR RAX48, NETGEAR RAX50, NETGEAR RAX50S, NETGEAR RS400, NETGEAR R7100LG, NETGEAR LAX20, NETGEAR CAX80, NETGEAR MR80, NETGEAR MS80—allows a hacker to bypass authentication.	4 Apr 202200:00	–	bdu_fstec
Circl	CVE-2022-27642	29 Mar 202322:31	–	circl
CNNVD	NETGEAR R6700v3 信息泄露漏洞	23 Mar 202200:00	–	cnnvd
CNVD	NETGEAR R6700v3 Information Disclosure Vulnerability	25 Mar 202200:00	–	cnvd
CVE	CVE-2022-27642	29 Mar 202300:00	–	cve
Cvelist	CVE-2022-27642	29 Mar 202300:00	–	cvelist
EUVD	EUVD-2022-32143	3 Oct 202520:07	–	euvd
OSV	CVE-2022-27642	29 Mar 202319:15	–	osv
Prion	Authentication flaw	29 Mar 202319:15	–	prion
Positive Technologies	PT-2021-6473 · NetGear · Netgear Rax50 +20	1 Dec 202100:00	–	ptsecurity

NVD

Node

netgear cax80_firmwareRange<2.1.3.7

AND

netgear cax80Match-

Node

netgear lax20_firmwareRange<1.1.6.34

AND

netgear lax20Match-

Node

netgear mr60_firmwareRange<1.1.6.124

AND

netgear mr60Match-

Node

netgear mr80_firmwareRange<1.1.6.14

AND

netgear mr80Match-

Node

netgear ms60_firmwareRange<1.1.6.124

AND

netgear ms60Match-

Node

netgear ms80_firmwareRange<1.1.6.14

AND

netgear ms80Match-

Node

netgear r6400_firmwareRange<1.0.1.78

AND

netgear r6400Match-

Node

netgear r6400_firmwareRange<1.0.4.126

AND

netgear r6400Matchv2

Node

netgear r6700_firmwareRange<1.0.4.126

AND

netgear r6700Matchv3

Node

netgear r6900p_firmwareRange<1.3.3.148

AND

netgear r6900pMatch-

Node

netgear r7000_firmwareRange<1.0.11.134

AND

netgear r7000Match-

Node

netgear r7000p_firmwareRange<1.3.3.148

AND

netgear r7000pMatch-

Node

netgear r7850_firmwareRange<1.0.5.84

AND

netgear r7850Match-

Node

netgear r7900p_firmwareRange<1.4.3.88

AND

netgear r7900pMatch-

Node

netgear r7960p_firmwareRange<1.4.3.88

AND

netgear r7960pMatch-

Node

netgear r8000_firmwareRange<1.0.4.84

AND

netgear r8000Match-

Node

netgear r8000p_firmwareRange<1.4.3.88

AND

netgear r8000pMatch-

Node

netgear r8500_firmwareRange<1.0.2.158

AND

netgear r8500Match-

Node

netgear rax15_firmwareRange<1.0.10.110

AND

netgear rax15Match-

Node

netgear rax20_firmwareRange<1.0.10.110

AND

netgear rax20Match-

Node

netgear rax200_firmwareRange<1.0.6.138

AND

netgear rax200Match-

Node

netgear rax35_firmwareRange<1.0.10.110

AND

netgear rax35Matchv2

Node

netgear rax38_firmwareRange<1.0.10.110

AND

netgear rax38Matchv2

Node

netgear rax40_firmwareRange<1.0.10.110

AND

netgear rax40Matchv2

Node

netgear rax42_firmwareRange<1.0.10.110

AND

netgear rax42Match-

Node

netgear rax43_firmwareRange<1.0.10.110

AND

netgear rax43Match-

Node

netgear rax45_firmwareRange<1.0.10.110

AND

netgear rax45Match-

Node

netgear rax48_firmwareRange<1.0.10.110

AND

netgear rax48Match-

Node

netgear rax50_firmwareRange<1.0.10.110

AND

netgear rax50Match-

Node

netgear rax50s_firmwareRange<1.0.10.110

AND

netgear rax50sMatch-

Node

netgear rax75_firmwareRange<1.0.6.138

AND

netgear rax75Match-

Node

netgear rax80_firmwareRange<1.0.6.138

AND

netgear rax80Match-

Node

netgear rs400_firmwareRange<1.5.1.86

AND

netgear rs400Match-

Node

netgear r7100lg_firmwareRange<1.0.0.76

AND

netgear r7100lgMatch-

Source	Link
kb	www.kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-22-518/

21 Nov 2024 06:56Current

7.3High risk

Vulners AI Score7.3

CVSS 3.18.8

CVSS 36.3

EPSS0.00871

CWE-863