Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow.
References
Link | Resource |
---|---|
https://hdwsec.fr/blog/20221109-netgear/ | Broken Link |
https://kb.netgear.com/000065242/Security-Advisory-for-Pre-authentication-Stack-Overflow-on-some-Routers-and-Nighthawk-WiFi-Mesh-Systems-PSV-2022-0146 | Patch Vendor Advisory |
https://www.netgear.com/about/security/ | Vendor Advisory |
https://hdwsec.fr/blog/20221109-netgear/ | Broken Link |
https://kb.netgear.com/000065242/Security-Advisory-for-Pre-authentication-Stack-Overflow-on-some-Routers-and-Nighthawk-WiFi-Mesh-Systems-PSV-2022-0146 | Patch Vendor Advisory |
https://www.netgear.com/about/security/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
21 Nov 2024, 07:32
Type | Values Removed | Values Added |
---|---|---|
References | () https://hdwsec.fr/blog/20221109-netgear/ - Broken Link | |
References | () https://kb.netgear.com/000065242/Security-Advisory-for-Pre-authentication-Stack-Overflow-on-some-Routers-and-Nighthawk-WiFi-Mesh-Systems-PSV-2022-0146 - Patch, Vendor Advisory | |
References | () https://www.netgear.com/about/security/ - Vendor Advisory |
Information
Published : 2023-01-31 00:15
Updated : 2024-11-21 07:32
NVD link : CVE-2022-48176
Mitre link : CVE-2022-48176
CVE.ORG link : CVE-2022-48176
JSON object : View
Products Affected
netgear
- r6900p
- ms60
- r8000p_firmware
- ms60_firmware
- r7960p_firmware
- r7960p
- r6900p_firmware
- r8000p
- r7000p
- mr60
- r7000p_firmware
- mr60_firmware
CWE
CWE-787
Out-of-bounds Write