Lucene search

MitreCVELIST:CVE-2023-23110

HistoryFeb 02, 2023 - 12:00 a.m.

CVE-2023-23110

2023-02-0200:00:00

mitre

www.cve.org

exploitable vulnerability

firmware modification

netgear products

data integrity

fixed checksum

mitm attack

checksum verification

wnr612v2

dgn1000v3

d6100

wnr1000v2

xavn2001v2

wnr2200

wnr2500

r8900

r9000

AI Score

7.6

Confidence

High

EPSS

0.009

Percentile

82.7%

JSON

An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification. This affects WNR612v2 Wireless Routers 1.0.0.3 and earlier, DGN1000v3 Modem Router 1.0.0.22 and earlier, D6100 WiFi DSL Modem Routers 1.0.0.63 and earlier, WNR1000v2 Wireless Routers 1.1.2.60 and earlier, XAVN2001v2 Wireless-N Extenders 0.4.0.7 and earlier, WNR2200 Wireless Routers 1.0.1.102 and earlier, WNR2500 Wireless Routers 1.0.0.34 and earlier, R8900 Smart WiFi Routers 1.0.3.6 and earlier, and R9000 Smart WiFi Routers 1.0.3.6 and earlier.

References

hackmd.io/%40slASVrz_SrW7NQCsunofeA/BkBPIeGco

hackmd.io/%40slASVrz_SrW7NQCsunofeA/H1lIcXbco

hackmd.io/%40slASVrz_SrW7NQCsunofeA/HyZRxmb9s

hackmd.io/%40slASVrz_SrW7NQCsunofeA/r1Z4BX-5i

hackmd.io/%40slASVrz_SrW7NQCsunofeA/ryjVZz-5s

hackmd.io/%40slASVrz_SrW7NQCsunofeA/S1BNhbWqi

hackmd.io/%40slASVrz_SrW7NQCsunofeA/S1qWglM5o

hackmd.io/%40slASVrz_SrW7NQCsunofeA/S1t47Ebqj

hackmd.io/%40slASVrz_SrW7NQCsunofeA/SJCGkb-9o

www.netgear.com/about/security/