CVE-2022-48176

Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:32

Type Values Removed Values Added
References () https://hdwsec.fr/blog/20221109-netgear/ - Broken Link () https://hdwsec.fr/blog/20221109-netgear/ - Broken Link
References () https://kb.netgear.com/000065242/Security-Advisory-for-Pre-authentication-Stack-Overflow-on-some-Routers-and-Nighthawk-WiFi-Mesh-Systems-PSV-2022-0146 - Patch, Vendor Advisory () https://kb.netgear.com/000065242/Security-Advisory-for-Pre-authentication-Stack-Overflow-on-some-Routers-and-Nighthawk-WiFi-Mesh-Systems-PSV-2022-0146 - Patch, Vendor Advisory
References () https://www.netgear.com/about/security/ - Vendor Advisory () https://www.netgear.com/about/security/ - Vendor Advisory

Information

Published : 2023-01-31 00:15

Updated : 2024-11-21 07:32


NVD link : CVE-2022-48176

Mitre link : CVE-2022-48176

CVE.ORG link : CVE-2022-48176


JSON object : View

Products Affected

netgear

  • r6900p
  • ms60
  • r8000p_firmware
  • ms60_firmware
  • r7960p_firmware
  • r7960p
  • r6900p_firmware
  • r8000p
  • r7000p
  • mr60
  • r7000p_firmware
  • mr60_firmware
CWE
CWE-787

Out-of-bounds Write