Vulnerabilites related to netgear - r900_firmware
cve-2018-21212
Vulnerability from cvelistv5
Published
2020-04-28 15:36
Modified
2024-08-05 12:26
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T12:26:39.357Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000055137/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2490",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-04-28T15:36:49",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.netgear.com/000055137/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2490",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-21212",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000055137/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2490",
                     refsource: "CONFIRM",
                     url: "https://kb.netgear.com/000055137/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2490",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-21212",
      datePublished: "2020-04-28T15:36:49",
      dateReserved: "2020-04-20T00:00:00",
      dateUpdated: "2024-08-05T12:26:39.357Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-21210
Vulnerability from cvelistv5
Published
2020-04-28 15:33
Modified
2024-08-05 12:26
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T12:26:39.251Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000055139/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2492",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-04-28T15:33:29",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.netgear.com/000055139/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2492",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-21210",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000055139/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2492",
                     refsource: "CONFIRM",
                     url: "https://kb.netgear.com/000055139/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2492",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-21210",
      datePublished: "2020-04-28T15:33:29",
      dateReserved: "2020-04-20T00:00:00",
      dateUpdated: "2024-08-05T12:26:39.251Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-21207
Vulnerability from cvelistv5
Published
2020-04-28 15:15
Modified
2024-08-05 12:26
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T12:26:38.332Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000055142/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2566",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-04-28T15:15:12",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.netgear.com/000055142/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2566",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-21207",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000055142/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2566",
                     refsource: "CONFIRM",
                     url: "https://kb.netgear.com/000055142/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2566",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-21207",
      datePublished: "2020-04-28T15:15:12",
      dateReserved: "2020-04-20T00:00:00",
      dateUpdated: "2024-08-05T12:26:38.332Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-21205
Vulnerability from cvelistv5
Published
2020-04-28 15:13
Modified
2024-08-05 12:26
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T12:26:39.538Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000055144/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2568",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-04-28T15:13:35",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.netgear.com/000055144/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2568",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-21205",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000055144/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2568",
                     refsource: "CONFIRM",
                     url: "https://kb.netgear.com/000055144/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2568",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-21205",
      datePublished: "2020-04-28T15:13:35",
      dateReserved: "2020-04-20T00:00:00",
      dateUpdated: "2024-08-05T12:26:39.538Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2018-21206
Vulnerability from cvelistv5
Published
2020-04-28 15:14
Modified
2024-08-05 12:26
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T12:26:39.234Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000055143/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2567",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-04-28T15:14:12",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.netgear.com/000055143/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2567",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2018-21206",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  availabilityImpact: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000055143/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2567",
                     refsource: "CONFIRM",
                     url: "https://kb.netgear.com/000055143/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2567",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2018-21206",
      datePublished: "2020-04-28T15:14:12",
      dateReserved: "2020-04-20T00:00:00",
      dateUpdated: "2024-08-05T12:26:39.234Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2020-04-28 16:15
Modified
2024-11-21 04:03
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0173E81F-5BE3-4249-A620-EC36AD109D75",
                     versionEndExcluding: "1.0.1.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7D6C145-E2CD-4030-8AA8-C4071C0E242B",
                     versionEndExcluding: "1.0.1.28",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "76B12C31-83C3-427F-B2CA-D75EA89DCC6F",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F44A123-B256-428B-98C2-17570F2F32DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7494430D-BA3F-4EDB-9FB8-7586D4457B9D",
                     versionEndExcluding: "1.0.0.118",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C38F66ED-C53D-40F4-9F1E-96254BCD8A0C",
                     versionEndExcluding: "1.0.3.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2E62164-2324-4AF2-B300-8005DAD433B6",
                     versionEndExcluding: "1.0.2.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r900_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ABBD2E7-85AA-4EDA-908C-410D44DD74DC",
                     versionEndExcluding: "1.0.2.52",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F75EB581-AACC-401D-ACA7-0BCA73D12621",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC14D1E5-1302-4E4E-9119-E64342B0AE21",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "030AAA8B-65D9-42E4-ACF6-F2DB13D4AA30",
                     versionEndExcluding: "1.0.2.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DB649EB-E2F9-4E11-B68A-50B0096AF9B6",
                     versionEndExcluding: "1.0.0.56",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
                     versionEndExcluding: "1.0.2.96",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
                     matchCriteriaId: "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
                     versionEndExcluding: "1.0.2.98",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1413C591-D066-4FA2-BEB1-6C60F8645F28",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1425F7B0-0990-43F4-9621-8DAE8508FEED",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4428B145-B86D-4709-BBA9-64BDE7D35A25",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81A6B7D4-1CBB-4D9E-8EB2-E5E82AFA59FA",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C31D6808-4103-4543-B7AB-84A79CD12006",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
      },
      {
         lang: "es",
         value: "Determinados dispositivos de NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un atacante no autenticado. Esto afecta a D7800 versiones anteriores a 1.0.1.30, EX2700 versiones anteriores a 1.0.1.28, R6100 versiones anteriores a 1.0.1.20, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3.24, R7800 versiones anteriores a 1.0.2.40, R9000 versiones anteriores a 1.0.2.52, WN2000RPTv3 versiones anteriores a 1. 0.1.20, WN3000RPv3 versiones anteriores a 1.0.2.50, WN3100RPv2 versiones anteriores a 1.0.0.56, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.50, y WNDR4500v3 versiones anteriores a 1.0.0.50.",
      },
   ],
   id: "CVE-2018-21206",
   lastModified: "2024-11-21T04:03:10.490",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-04-28T16:15:13.543",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055143/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2567",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055143/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2567",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-04-28 16:15
Modified
2024-11-21 04:03
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0173E81F-5BE3-4249-A620-EC36AD109D75",
                     versionEndExcluding: "1.0.1.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7D6C145-E2CD-4030-8AA8-C4071C0E242B",
                     versionEndExcluding: "1.0.1.28",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "76B12C31-83C3-427F-B2CA-D75EA89DCC6F",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F44A123-B256-428B-98C2-17570F2F32DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7494430D-BA3F-4EDB-9FB8-7586D4457B9D",
                     versionEndExcluding: "1.0.0.118",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C38F66ED-C53D-40F4-9F1E-96254BCD8A0C",
                     versionEndExcluding: "1.0.3.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2E62164-2324-4AF2-B300-8005DAD433B6",
                     versionEndExcluding: "1.0.2.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r900_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ABBD2E7-85AA-4EDA-908C-410D44DD74DC",
                     versionEndExcluding: "1.0.2.52",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F75EB581-AACC-401D-ACA7-0BCA73D12621",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC14D1E5-1302-4E4E-9119-E64342B0AE21",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "030AAA8B-65D9-42E4-ACF6-F2DB13D4AA30",
                     versionEndExcluding: "1.0.2.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DB649EB-E2F9-4E11-B68A-50B0096AF9B6",
                     versionEndExcluding: "1.0.0.56",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
                     versionEndExcluding: "1.0.2.96",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
                     matchCriteriaId: "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
                     versionEndExcluding: "1.0.2.98",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1413C591-D066-4FA2-BEB1-6C60F8645F28",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1425F7B0-0990-43F4-9621-8DAE8508FEED",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4428B145-B86D-4709-BBA9-64BDE7D35A25",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81A6B7D4-1CBB-4D9E-8EB2-E5E82AFA59FA",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C31D6808-4103-4543-B7AB-84A79CD12006",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
      },
      {
         lang: "es",
         value: "Determinados dispositivos de NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un atacante no autenticado. Esto afecta a D7800 versiones anteriores a 1.0.1.30, EX2700 versiones anteriores a 1.0.1.28, R6100 versiones anteriores a 1.0.1.20, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3.24, R7800 versiones anteriores a 1.0.2.40, R9000 versiones anteriores a 1.0.2.52, WN2000RPTv3 versiones anteriores a 1. 0.1.20, WN3000RPv3 versiones anteriores a 1.0.2.50, WN3100RPv2 versiones anteriores a 1.0.0.56, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.50, y WNDR4500v3 versiones anteriores a 1.0.0.50.",
      },
   ],
   id: "CVE-2018-21205",
   lastModified: "2024-11-21T04:03:10.330",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-04-28T16:15:13.497",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055144/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2568",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055144/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2568",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-04-28 16:15
Modified
2024-11-21 04:03
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "47FB5F9D-2B33-44AD-BD57-164DF945ADA7",
                     versionEndExcluding: "1.0.0.67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2089DF5E-598C-4CC2-B910-05C8D209A1BB",
                     versionEndExcluding: "1.0.0.67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B5A756C-6CA4-46EF-80B8-9051FB607B43",
                     versionEndExcluding: "1.0.0.56",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0173E81F-5BE3-4249-A620-EC36AD109D75",
                     versionEndExcluding: "1.0.1.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7D6C145-E2CD-4030-8AA8-C4071C0E242B",
                     versionEndExcluding: "1.0.1.28",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "76B12C31-83C3-427F-B2CA-D75EA89DCC6F",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F44A123-B256-428B-98C2-17570F2F32DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7494430D-BA3F-4EDB-9FB8-7586D4457B9D",
                     versionEndExcluding: "1.0.0.118",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C38F66ED-C53D-40F4-9F1E-96254BCD8A0C",
                     versionEndExcluding: "1.0.3.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2E62164-2324-4AF2-B300-8005DAD433B6",
                     versionEndExcluding: "1.0.2.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r900_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ABBD2E7-85AA-4EDA-908C-410D44DD74DC",
                     versionEndExcluding: "1.0.2.52",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F75EB581-AACC-401D-ACA7-0BCA73D12621",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC14D1E5-1302-4E4E-9119-E64342B0AE21",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "030AAA8B-65D9-42E4-ACF6-F2DB13D4AA30",
                     versionEndExcluding: "1.0.2.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DB649EB-E2F9-4E11-B68A-50B0096AF9B6",
                     versionEndExcluding: "1.0.0.56",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
                     versionEndExcluding: "1.0.2.96",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
                     matchCriteriaId: "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
                     versionEndExcluding: "1.0.2.98",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1413C591-D066-4FA2-BEB1-6C60F8645F28",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1425F7B0-0990-43F4-9621-8DAE8508FEED",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4428B145-B86D-4709-BBA9-64BDE7D35A25",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81A6B7D4-1CBB-4D9E-8EB2-E5E82AFA59FA",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C31D6808-4103-4543-B7AB-84A79CD12006",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
      },
      {
         lang: "es",
         value: "Determinados dispositivos de NETGEAR están afectados por un desbordamiento del búfer por parte de un atacante no autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.67, D6000 versiones anteriores a 1.0.0.67, D6100 versiones anteriores a 1.0.0.56, D7800 versiones anteriores a 1.0.1.30, EX2700 versiones anteriores a 1.0.1.28, R6100 versiones anteriores a 1.0.1.20, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3.24, R7800 versiones anteriores a 1.0.2. 40, R9000 versiones anteriores a 1.0.2.52, WN2000RPTv3 versiones anteriores a 1.0.1.20, WN3000RPv3 versiones anteriores a 1.0.2.50, WN3100RPv2 versiones anteriores a 1.0.0.56, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.50, y WNDR4500v3 versiones anteriores a 1.0.0.50.",
      },
   ],
   id: "CVE-2018-21212",
   lastModified: "2024-11-21T04:03:11.420",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-04-28T16:15:13.997",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055137/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2490",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055137/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2490",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-04-28 16:15
Modified
2024-11-21 04:03
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "47FB5F9D-2B33-44AD-BD57-164DF945ADA7",
                     versionEndExcluding: "1.0.0.67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2089DF5E-598C-4CC2-B910-05C8D209A1BB",
                     versionEndExcluding: "1.0.0.67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0173E81F-5BE3-4249-A620-EC36AD109D75",
                     versionEndExcluding: "1.0.1.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7D6C145-E2CD-4030-8AA8-C4071C0E242B",
                     versionEndExcluding: "1.0.1.28",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "76B12C31-83C3-427F-B2CA-D75EA89DCC6F",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F44A123-B256-428B-98C2-17570F2F32DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7494430D-BA3F-4EDB-9FB8-7586D4457B9D",
                     versionEndExcluding: "1.0.0.118",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C38F66ED-C53D-40F4-9F1E-96254BCD8A0C",
                     versionEndExcluding: "1.0.3.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2E62164-2324-4AF2-B300-8005DAD433B6",
                     versionEndExcluding: "1.0.2.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r900_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ABBD2E7-85AA-4EDA-908C-410D44DD74DC",
                     versionEndExcluding: "1.0.2.52",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F75EB581-AACC-401D-ACA7-0BCA73D12621",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC14D1E5-1302-4E4E-9119-E64342B0AE21",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "030AAA8B-65D9-42E4-ACF6-F2DB13D4AA30",
                     versionEndExcluding: "1.0.2.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DB649EB-E2F9-4E11-B68A-50B0096AF9B6",
                     versionEndExcluding: "1.0.0.56",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
                     versionEndExcluding: "1.0.2.96",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
                     matchCriteriaId: "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
                     versionEndExcluding: "1.0.2.98",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1413C591-D066-4FA2-BEB1-6C60F8645F28",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1425F7B0-0990-43F4-9621-8DAE8508FEED",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4428B145-B86D-4709-BBA9-64BDE7D35A25",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81A6B7D4-1CBB-4D9E-8EB2-E5E82AFA59FA",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C31D6808-4103-4543-B7AB-84A79CD12006",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
      },
      {
         lang: "es",
         value: "Determinados dispositivos de NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un atacante no autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.67, D6000 versiones anteriores a 1.0.0.67, D7800 versiones anteriores a 1.0.1.30, EX2700 versiones anteriores a 1.0.1.28, R6100 versiones anteriores a 1.0.1.20, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3.24, R7800 versiones anteriores a 1.0.2.40, R9000 versiones anteriores a 1. 0.2.52, WN2000RPTv3 versiones anteriores a 1.0.1.20, WN3000RPv3 versiones anteriores a 1.0.2.50, WN3100RPv2 versiones anteriores a 1.0.0.56, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.50, y WNDR4500v3 versiones anteriores a 1.0.0.50.",
      },
   ],
   id: "CVE-2018-21207",
   lastModified: "2024-11-21T04:03:10.640",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-04-28T16:15:13.700",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055142/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2566",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055142/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2566",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-04-28 16:15
Modified
2024-11-21 04:03
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "47FB5F9D-2B33-44AD-BD57-164DF945ADA7",
                     versionEndExcluding: "1.0.0.67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2089DF5E-598C-4CC2-B910-05C8D209A1BB",
                     versionEndExcluding: "1.0.0.67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0173E81F-5BE3-4249-A620-EC36AD109D75",
                     versionEndExcluding: "1.0.1.30",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7D6C145-E2CD-4030-8AA8-C4071C0E242B",
                     versionEndExcluding: "1.0.1.28",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "76B12C31-83C3-427F-B2CA-D75EA89DCC6F",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F44A123-B256-428B-98C2-17570F2F32DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7494430D-BA3F-4EDB-9FB8-7586D4457B9D",
                     versionEndExcluding: "1.0.0.118",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C38F66ED-C53D-40F4-9F1E-96254BCD8A0C",
                     versionEndExcluding: "1.0.3.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2E62164-2324-4AF2-B300-8005DAD433B6",
                     versionEndExcluding: "1.0.2.40",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r900_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ABBD2E7-85AA-4EDA-908C-410D44DD74DC",
                     versionEndExcluding: "1.0.2.52",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F75EB581-AACC-401D-ACA7-0BCA73D12621",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC14D1E5-1302-4E4E-9119-E64342B0AE21",
                     versionEndExcluding: "1.0.1.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "030AAA8B-65D9-42E4-ACF6-F2DB13D4AA30",
                     versionEndExcluding: "1.0.2.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DB649EB-E2F9-4E11-B68A-50B0096AF9B6",
                     versionEndExcluding: "1.0.0.56",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
                     versionEndExcluding: "1.0.2.96",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
                     matchCriteriaId: "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
                     versionEndExcluding: "1.0.2.98",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1413C591-D066-4FA2-BEB1-6C60F8645F28",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1425F7B0-0990-43F4-9621-8DAE8508FEED",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4428B145-B86D-4709-BBA9-64BDE7D35A25",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "81A6B7D4-1CBB-4D9E-8EB2-E5E82AFA59FA",
                     versionEndExcluding: "1.0.0.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C31D6808-4103-4543-B7AB-84A79CD12006",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.",
      },
      {
         lang: "es",
         value: "Determinados dispositivos de NETGEAR están afectados por un desbordamiento del búfer por parte de un atacante no autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.67, D6000 versiones anteriores a 1.0.0.67, D7800 versiones anteriores a 1.0.1.30, EX2700 versiones anteriores a 1.0.1.28, R6100 versiones anteriores a 1.0.1.20, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3.24, R7800 versiones anteriores a 1.0.2.40, R9000 versiones anteriores a 1. 0.2.52, WN2000RPTv3 versiones anteriores a 1.0.1.20, WN3000RPv3 versiones anteriores a 1.0.2.50, WN3100RPv2 versiones anteriores a 1.0.0.56, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.50, y WNDR4500v3 versiones anteriores a 1.0.0.50.",
      },
   ],
   id: "CVE-2018-21210",
   lastModified: "2024-11-21T04:03:11.097",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "cve@mitre.org",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-04-28T16:15:13.887",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055139/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2492",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000055139/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2492",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}