var-202004-1716
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR EX2700 is a wireless network signal extender. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1716",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "r900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "ex2700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r9000",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wn2000rptv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn3000rpv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wn3100rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"db": "VULMON",
"id": "CVE-2018-21205"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"db": "NVD",
"id": "CVE-2018-21205"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1.28",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0.118",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.3.24",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.2.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:r900_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:r900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.2.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.2.96",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.2.98",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21205"
}
]
},
"cve": "CVE-2018-21205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016347",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-46357",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21205",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016347",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-21205",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21205",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016347",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-46357",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2275",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21205",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"db": "VULMON",
"id": "CVE-2018-21205"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"db": "NVD",
"id": "CVE-2018-21205"
},
{
"db": "NVD",
"id": "CVE-2018-21205"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR EX2700 is a wireless network signal extender. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21205"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"db": "VULMON",
"id": "CVE-2018-21205"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21205",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016347",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-46357",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2275",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21205",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"db": "VULMON",
"id": "CVE-2018-21205"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"db": "NVD",
"id": "CVE-2018-21205"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
]
},
"id": "VAR-202004-1716",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46357"
}
],
"trust": 1.3282949814285714
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46357"
}
]
},
"last_update_date": "2023-12-18T14:04:43.735000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2568",
"trust": 0.8,
"url": "https://kb.netgear.com/000055144/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2568"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46357)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/276311"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=117367"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"db": "NVD",
"id": "CVE-2018-21205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21205"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055144/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2568"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21205"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"db": "VULMON",
"id": "CVE-2018-21205"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"db": "NVD",
"id": "CVE-2018-21205"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"db": "VULMON",
"id": "CVE-2018-21205"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"db": "NVD",
"id": "CVE-2018-21205"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21205"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"date": "2020-04-28T16:15:13.497000",
"db": "NVD",
"id": "CVE-2018-21205"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46357"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21205"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016347"
},
{
"date": "2020-05-05T21:08:29.770000",
"db": "NVD",
"id": "CVE-2018-21205"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016347"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2275"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.