Lucene search

MitreCVELIST:CVE-2021-45638

HistoryDec 26, 2021 - 12:31 a.m.

CVE-2021-45638

2021-12-2600:31:28

mitre

www.cve.org

cve-2021-45638

netgear

stack-based buffer overflow

unauthenticated attacker

d6220

d6400

d7000v2

d8500

dc112a

r6300v2

r6400

r7000

r7100lg

rbs40v

rbw30

rs400

r7000p

r6900p

CVSS3

9.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.003

Percentile

65.6%

JSON

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R7000 before 1.0.11.116, R7100LG before 1.0.0.70, RBS40V before 2.6.2.8, RBW30 before 2.6.2.2, RS400 before 1.5.1.80, R7000P before 1.3.2.132, and R6900P before 1.3.2.132.

References

kb.netgear.com/000064496/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-PSV-2020-0464

CVSS3

9.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.003

Percentile

65.6%

JSON

Related for CVELIST:CVE-2021-45638