CVE-2018-21221: Buffer Overflow
First published: Tue Apr 28 2020(Updated: )
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, and R9000 before 1.0.2.52.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear R9000 Firmware | <1.0.2.52 | |
| NETGEAR R9000 | ||
| Netgear D6000 Firmware | <1.0.0.67 | |
| Netgear D6000 | ||
| Netgear D3600 Firmware | <1.0.0.67 | |
| NETGEAR D3600 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-21221?
CVE-2018-21221 is a vulnerability in certain NETGEAR devices that allows an unauthenticated attacker to trigger a buffer overflow.
Which devices are affected by CVE-2018-21221?
CVE-2018-21221 affects NETGEAR D3600 (firmware version up to 1.0.0.67), D6000 (firmware version up to 1.0.0.67), and R9000 (firmware version up to 1.0.2.52).
What is the severity of CVE-2018-21221?
CVE-2018-21221 has a severity rating of 8.8, which is classified as high.
How can an attacker exploit CVE-2018-21221?
An unauthenticated attacker can exploit CVE-2018-21221 by triggering a buffer overflow, potentially leading to remote code execution.
Is there a fix for CVE-2018-21221?
Yes, the affected NETGEAR devices can be fixed by updating to firmware versions that are not vulnerable.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/netgear
- canonical/netgear r9000 firmware
- canonical/netgear r9000
- canonical/netgear d6000 firmware
- canonical/netgear d6000
- canonical/netgear d3600 firmware
- canonical/netgear d3600