First published: Tue Apr 28 2020(Updated: )
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear D6100 Firmware | <1.0.0.57 | |
NETGEAR D6100 | ||
Netgear D7800 Firmware | <1.0.1.34 | |
Netgear D7800 | ||
Netgear R6100 Firmware | <1.0.1.20 | |
Netgear R6100 | ||
Netgear R7500 Firmware | <1.0.0.122 | |
Netgear R7500 | ||
NETGEAR R7800 firmware | <1.0.2.40 | |
NETGEAR R7800 | ||
Netgear R9000 Firmware | <1.0.2.52 | |
NETGEAR R9000 | ||
Netgear Wndr3700 Firmware | <1.0.2.92 | |
Netgear WNDR3700 | =v4 | |
Netgear Wndr4300 Firmware | <1.0.2.94 | |
Netgear Wndr4300 | ||
Netgear Wndr4300 Firmware | <1.0.0.50 | |
Netgear Wndr4300 | =v2 | |
Netgear Wndr4500 Firmware | <1.0.0.50 | |
Netgear WNDR4500 | =v3 | |
Netgear Wnr2000 Firmware | <1.0.0.62 | |
Netgear WNR2000 | =v5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
D6100, D7800, R6100, R7500, R7800, R9000, WNDR3700v4, WNDR4300
The severity of CVE-2018-21190 is medium with a CVSS score of 6.8.
An authenticated user can exploit CVE-2018-21190 by triggering a stack-based buffer overflow.
To fix CVE-2018-21190, update the firmware of the affected NETGEAR devices to the latest version provided by the manufacturer.
You can find more information about CVE-2018-21190 on the NETGEAR knowledge base article: https://kb.netgear.com/000055167/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2605