CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
54.5%
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.
Vendor | Product | Version | CPE |
---|---|---|---|
netgear | ex6100_firmware | 201.0.2.28 | cpe:2.3:o:netgear:ex6100_firmware:201.0.2.28:*:*:*:*:*:*:* |
netgear | ex6100 | - | cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:* |
netgear | ex6200_firmware | * | cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:* |
netgear | ex6200 | - | cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:* |
netgear | cax80_firmware | 2.1.2.6 | cpe:2.3:o:netgear:cax80_firmware:2.1.2.6:*:*:*:*:*:*:* |
netgear | cax80 | - | cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:* |
netgear | dc112a_firmware | 1.0.0.62 | cpe:2.3:o:netgear:dc112a_firmware:1.0.0.62:*:*:*:*:*:*:* |
netgear | dc112a | - | cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:* |
github.com/doudoudedi/Netgear_product_stack_overflow/blob/main/NETGEAR%20EX%20series%20upnpd%20stack_overflow.md
kb.netgear.com/000064615/Security-Advisory-for-Pre-Authentication-Command-Injection-on-EX6100v1-and-Pre-Authentication-Stack-Overflow-on-Multiple-Products-PSV-2021-0282-PSV-2021-0288
www.netgear.com/about/security/
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
54.5%