Which NETGEAR devices are affected by CVE-2017-18738?

EX6150v2, R6400, R6400v2, R6700, R6900, R7000, R7000P, R6900P, R7100lg, R7300dst, R7900, R8000, R8300, R8500, R6100, Wndr4300, Wndr4500, Wnr2000

How does CVE-2017-18738 affect NETGEAR devices?

It allows an unauthenticated attacker to perform stack-based buffer overflow, potentially leading to remote code execution.

Is there a fix available for CVE-2017-18738?

Yes, it is recommended to update the firmware of the affected NETGEAR devices to the patched version.

Vulnerability/
CVE-2017-18738

high

8.8

CWE

787 119

23/4/2020

CVE-2017-18738: Buffer Overflow

First published: Thu Apr 23 2020(Updated: )

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects EX6150v2 before 1.0.1.54, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.10, R7000P before 1.2.0.22, R6900P before 1.2.0.22, R7100LG before 1.0.0.32, R7300DST before 1.0.0.54, R7900 before 1.0.1.18, R8000 before 1.0.3.48, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R6100 before 1.0.1.16, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.58.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
NETGEAR R7800	<1.0.1.54
Netgear Ex6150	=v2
Netgear R6400 Firmware	<1.0.1.24
NETGEAR R6400
Netgear R6400 Firmware	<1.0.2.32
NETGEAR R6400	=v2
Netgear R6700 Firmware	<1.0.1.22
NETGEAR R6700
Netgear R6900 Firmware	<1.0.1.22
Netgear R6900
Netgear R7000 Firmware	<1.0.9.10
NETGEAR R7000
Netgear R7000p Firmware	<1.2.0.22
Netgear R7000P
Netgear R6900p Firmware	<1.2.0.22
Netgear R6900P
Netgear R7100lg Firmware	<1.0.0.32
Netgear R7100LG
Netgear R7300dst Firmware	<1.0.0.54
Netgear R7300dst
Netgear R7900 Firmware	<1.0.1.18
Netgear R7900
Netgear R8000 Firmware	<1.0.3.48
NETGEAR R8000
Netgear R8300 Firmware	<1.0.2.106
NETGEAR R8300
Netgear R8500 Firmware	<1.0.2.106
NETGEAR R8500
Netgear R6100 Firmware	<1.0.1.16
Netgear R6100
Netgear Wndr4300 Firmware	<1.0.0.48
Netgear Wndr4300	=v2
Netgear Wndr4500 Firmware	<1.0.0.48
Netgear WNDR4500	=v3
Netgear Wnr2000 Firmware	<1.0.0.58
Netgear WNR2000	=v5

Never miss a vulnerability like this again

Reference Links

https://kb.netgear.com/000051517/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Extenders-PSV-2017-0706

Frequently Asked Questions

Which NETGEAR devices are affected by CVE-2017-18738?
EX6150v2, R6400, R6400v2, R6700, R6900, R7000, R7000P, R6900P, R7100lg, R7300dst, R7900, R8000, R8300, R8500, R6100, Wndr4300, Wndr4500, Wnr2000
What is the severity of CVE-2017-18738?
High (8.8)
What is the vulnerability type of CVE-2017-18738?
Stack-based buffer overflow
How does CVE-2017-18738 affect NETGEAR devices?
It allows an unauthenticated attacker to perform stack-based buffer overflow, potentially leading to remote code execution.
Is there a fix available for CVE-2017-18738?
Yes, it is recommended to update the firmware of the affected NETGEAR devices to the patched version.

CVE-2017-18738: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

Which NETGEAR devices are affected by CVE-2017-18738?

What is the severity of CVE-2017-18738?

What is the vulnerability type of CVE-2017-18738?

How does CVE-2017-18738 affect NETGEAR devices?

Is there a fix available for CVE-2017-18738?

Company

Resources

Contact