Lucene search

[email protected]NVD:CVE-2022-48322

HistoryFeb 13, 2023 - 5:15 a.m.

CVE-2022-48322

2023-02-1305:15:13

CWE-787

[email protected]

web.nvd.nist.gov

netgear

nighthawk

routers

vulnerable

stack overflow

cve-2022-48322

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.002

Percentile

61.3%

JSON

NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.

Affected configurations

Nvd

Node

netgearmr60Match-

AND

netgearmr60_firmwareRange<1.1.7.132

Node

netgearms60Match-

AND

netgearms60_firmwareRange<1.1.7.132

Node

netgearr6900pMatch-

AND

netgearr6900p_firmwareRange<1.3.3.154

Node

netgearr7000pMatch-

AND

netgearr7000p_firmwareRange<1.3.3.154

Node

netgearr7960pMatch-

AND

netgearr7960p_firmwareRange<1.4.4.94

Node

netgearr8000pMatch-

AND

netgearr8000p_firmwareRange<1.4.4.94

VendorProductVersionCPE
netgearmr60-cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*
netgearmr60_firmware*cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*
netgearms60-cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*
netgearms60_firmware*cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*
netgearr6900p-cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*
netgearr6900p_firmware*cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*
netgearr7000p-cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*
netgearr7000p_firmware*cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*
netgearr7960p-cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*
netgearr7960p_firmware*cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	mr60	-	cpe:2.3:h:netgear:mr60:-:::::::*
netgear	mr60_firmware	*	cpe:2.3:o:netgear:mr60_firmware::::::::
netgear	ms60	-	cpe:2.3:h:netgear:ms60:-:::::::*
netgear	ms60_firmware	*	cpe:2.3:o:netgear:ms60_firmware::::::::
netgear	r6900p	-	cpe:2.3:h:netgear:r6900p:-:::::::*
netgear	r6900p_firmware	*	cpe:2.3:o:netgear:r6900p_firmware::::::::
netgear	r7000p	-	cpe:2.3:h:netgear:r7000p:-:::::::*
netgear	r7000p_firmware	*	cpe:2.3:o:netgear:r7000p_firmware::::::::
netgear	r7960p	-	cpe:2.3:h:netgear:r7960p:-:::::::*
netgear	r7960p_firmware	*	cpe:2.3:o:netgear:r7960p_firmware::::::::

Rows per page:

1-10 of 121

References

kb.netgear.com/000065265/Security-Advisory-for-Pre-authentication-Buffer-Overflow-on-Multiple-Products-PSV-2022-0155

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.002

Percentile

61.3%

JSON

Related for NVD:CVE-2022-48322

prion1 cvelist1 cve1