Lucene search

[email protected]NVD:CVE-2023-27853

HistoryMar 10, 2023 - 6:15 p.m.

CVE-2023-27853

2023-03-1018:15:17

CWE-120

[email protected]

web.nvd.nist.gov

netgear

nighthawk

wifi6

router

v1.0.10.94

format string vulnerability

soap service

execute arbitrary code

device

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

66.1%

JSON

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device.

Affected configurations

Nvd

Node

netgearrax30_firmwareRange<1.0.10.94

AND

netgearrax30Match-

VendorProductVersionCPE
netgearrax30_firmware*cpe:2.3:o:netgear:rax30_firmware:*:*:*:*:*:*:*:*
netgearrax30-cpe:2.3:h:netgear:rax30:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	rax30_firmware	*	cpe:2.3:o:netgear:rax30_firmware::::::::
netgear	rax30	-	cpe:2.3:h:netgear:rax30:-:::::::*

References

tenable.com/security/research/tra-2023-9

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

66.1%

JSON

Related for NVD:CVE-2023-27853

cvelist1 cve1 prion1 wallarmlab1