CVE-2022-24655

A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:ex6100_firmware:201.0.2.28:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:cax80_firmware:2.1.2.6:*:*:*:*:*:*:*
cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:dc112a_firmware:1.0.0.62:*:*:*:*:*:*:*
cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:50

Type Values Removed Values Added
References () https://github.com/doudoudedi/Netgear_product_stack_overflow/blob/main/NETGEAR%20EX%20series%20upnpd%20stack_overflow.md - Exploit, Patch, Third Party Advisory () https://github.com/doudoudedi/Netgear_product_stack_overflow/blob/main/NETGEAR%20EX%20series%20upnpd%20stack_overflow.md - Exploit, Patch, Third Party Advisory
References () https://kb.netgear.com/000064615/Security-Advisory-for-Pre-Authentication-Command-Injection-on-EX6100v1-and-Pre-Authentication-Stack-Overflow-on-Multiple-Products-PSV-2021-0282-PSV-2021-0288 - Vendor Advisory () https://kb.netgear.com/000064615/Security-Advisory-for-Pre-Authentication-Command-Injection-on-EX6100v1-and-Pre-Authentication-Stack-Overflow-on-Multiple-Products-PSV-2021-0282-PSV-2021-0288 - Vendor Advisory
References () https://www.netgear.com/about/security/ - Vendor Advisory () https://www.netgear.com/about/security/ - Vendor Advisory

Information

Published : 2022-03-18 11:15

Updated : 2024-11-21 06:50


NVD link : CVE-2022-24655

Mitre link : CVE-2022-24655

CVE.ORG link : CVE-2022-24655


JSON object : View

Products Affected

netgear

  • ex6200
  • dc112a_firmware
  • ex6100_firmware
  • ex6200_firmware
  • dc112a
  • cax80_firmware
  • ex6100
  • cax80
CWE
CWE-787

Out-of-bounds Write