CVE-2022-24655

A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:ex6100_firmware:201.0.2.28:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:cax80_firmware:2.1.2.6:*:*:*:*:*:*:*
cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:dc112a_firmware:1.0.0.62:*:*:*:*:*:*:*
cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-03-18 11:15

Updated : 2024-02-28 19:09


NVD link : CVE-2022-24655

Mitre link : CVE-2022-24655

CVE.ORG link : CVE-2022-24655


JSON object : View

Products Affected

netgear

  • cax80
  • ex6100
  • ex6200
  • cax80_firmware
  • dc112a_firmware
  • dc112a
  • ex6200_firmware
  • ex6100_firmware
CWE
CWE-787

Out-of-bounds Write