Search criteria
85 vulnerabilities found for R6400v2 by NETGEAR
VAR-202110-1807
Vulnerability from variot - Updated: 2025-08-20 23:06NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1807",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "v6510-1fxaus",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "raxe500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "rax38v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.70"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.76"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.106"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.126"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.128"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.30"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.76"
},
{
"model": "raxe450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "d6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6120",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr1000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6130",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7000v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dgn2200v4",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "v6510-1fxaus",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "multiple routers",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sungur Labs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
],
"trust": 1.3
},
"cve": "CVE-2021-34983",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34983",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-021935",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34983",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-34983",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2021-021935",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2021-34983",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-2191",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34983"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "ZDI",
"id": "ZDI-21-1275"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34983",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-21-1275",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-13708",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"id": "VAR-202110-1807",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42902259035714285
},
"last_update_date": "2025-08-20T23:06:15.645000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167951"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159"
},
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-1275/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34983"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"date": "2025-08-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"date": "2024-05-07T23:15:13.573000",
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1275"
},
{
"date": "2025-08-18T05:10:00",
"db": "JVNDB",
"id": "JVNDB-2021-021935"
},
{
"date": "2021-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2191"
},
{
"date": "2025-08-14T01:40:56.983000",
"db": "NVD",
"id": "CVE-2021-34983"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability related to lack of authentication for important functions in multiple NETGEAR products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021935"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-2191"
}
],
"trust": 0.6
}
}
VAR-202110-1806
Vulnerability from variot - Updated: 2025-08-16 23:08NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13709. DC112A firmware, EX3700 firmware, EX3800 Multiple Netgear products, including firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1806",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "v6510-1fxaus",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "raxe500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "rax38v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "ms80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax48",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.70"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.126"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.76"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.106"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax50s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.128"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.30"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rax42",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.76"
},
{
"model": "raxe450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.8.70"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.100"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.156"
},
{
"model": "mr80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.10"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.132"
},
{
"model": "mr80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6130",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7850",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7100lg",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6120",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex3700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "multiple routers",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sungur Labs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
],
"trust": 1.3
},
"cve": "CVE-2021-34982",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34982",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-021931",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-34982",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-34982",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-021931",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-34982",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-2193",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13709. DC112A firmware, EX3700 firmware, EX3800 Multiple Netgear products, including firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-34982"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "ZDI",
"id": "ZDI-21-1274"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-34982",
"trust": 3.9
},
{
"db": "ZDI",
"id": "ZDI-21-1274",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-13709",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"id": "VAR-202110-1806",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4290225903571429
},
"last_update_date": "2025-08-16T23:08:29.384000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167952"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
},
{
"problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159"
},
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-1274/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-34982"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"date": "2025-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"date": "2024-05-07T23:15:13.400000",
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-1274"
},
{
"date": "2025-08-15T07:39:00",
"db": "JVNDB",
"id": "JVNDB-2021-021931"
},
{
"date": "2021-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-2193"
},
{
"date": "2025-08-14T01:41:19.343000",
"db": "NVD",
"id": "CVE-2021-34982"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Out-of-bounds write vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-021931"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-2193"
}
],
"trust": 0.6
}
}
VAR-202309-0028
Vulnerability from variot - Updated: 2025-06-25 23:16Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. CBR40 firmware, LAX20 firmware, MK62 A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR R6400v2 is a router from NETGEAR. It is a hardware device that connects two or more networks and acts as a gateway between networks.
NETGEAR R6400v2 has a code execution vulnerability, which is caused by the program failing to properly filter special elements in the constructed code segment
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202309-0028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.34"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.24"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.148"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.130"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.6"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.86"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.122"
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mk62",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rs400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax75",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbw30",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13348"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"db": "NVD",
"id": "CVE-2023-36187"
}
]
},
"cve": "CVE-2023-36187",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-13348",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-36187",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-36187",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-36187",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2023-36187",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-13348",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13348"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"db": "NVD",
"id": "CVE-2023-36187"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. CBR40 firmware, LAX20 firmware, MK62 A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR R6400v2 is a router from NETGEAR. It is a hardware device that connects two or more networks and acts as a gateway between networks. \n\nNETGEAR R6400v2 has a code execution vulnerability, which is caused by the program failing to properly filter special elements in the constructed code segment",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-36187"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"db": "CNVD",
"id": "CNVD-2025-13348"
},
{
"db": "VULMON",
"id": "CVE-2023-36187"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-36187",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011580",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-13348",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-36187",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13348"
},
{
"db": "VULMON",
"id": "CVE-2023-36187"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"db": "NVD",
"id": "CVE-2023-36187"
}
]
},
"id": "VAR-202309-0028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13348"
}
],
"trust": 0.918212886875
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13348"
}
]
},
"last_update_date": "2025-06-25T23:16:33.434000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for NETGEAR R6400v2 Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/700431"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13348"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"db": "NVD",
"id": "CVE-2023-36187"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://kb.netgear.com/000065571/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-psv-2020-0578"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-36187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-13348"
},
{
"db": "VULMON",
"id": "CVE-2023-36187"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"db": "NVD",
"id": "CVE-2023-36187"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-13348"
},
{
"db": "VULMON",
"id": "CVE-2023-36187"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"db": "NVD",
"id": "CVE-2023-36187"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13348"
},
{
"date": "2023-09-01T00:00:00",
"db": "VULMON",
"id": "CVE-2023-36187"
},
{
"date": "2023-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"date": "2023-09-01T16:15:08.020000",
"db": "NVD",
"id": "CVE-2023-36187"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-13348"
},
{
"date": "2023-09-01T00:00:00",
"db": "VULMON",
"id": "CVE-2023-36187"
},
{
"date": "2023-12-13T07:53:00",
"db": "JVNDB",
"id": "JVNDB-2023-011580"
},
{
"date": "2023-09-07T17:05:35.237000",
"db": "NVD",
"id": "CVE-2023-36187"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-011580"
}
],
"trust": 0.8
}
}
VAR-202411-2743
Vulnerability from variot - Updated: 2025-05-27 23:42Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2743",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"cve": "CVE-2024-52015",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52015",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024155",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52015",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024155",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52015"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52015",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024155",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"id": "VAR-202411-2743",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-27T23:42:23.968000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_43/43.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52015"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"date": "2024-11-05T15:15:26.520000",
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-23T02:52:00",
"db": "JVNDB",
"id": "JVNDB-2024-024155"
},
{
"date": "2025-05-21T20:24:01.020000",
"db": "NVD",
"id": "CVE-2024-52015"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024155"
}
],
"trust": 0.8
}
}
VAR-202411-2192
Vulnerability from variot - Updated: 2025-05-27 23:38Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2192",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"cve": "CVE-2024-52013",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52013",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024156",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52013",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024156",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52013"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52013",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024156",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"id": "VAR-202411-2192",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-27T23:38:30.915000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_43/43.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52013"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"date": "2024-11-05T15:15:26.347000",
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-23T02:52:00",
"db": "JVNDB",
"id": "JVNDB-2024-024156"
},
{
"date": "2025-05-21T20:24:21.147000",
"db": "NVD",
"id": "CVE-2024-52013"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024156"
}
],
"trust": 0.8
}
}
VAR-202411-2968
Vulnerability from variot - Updated: 2025-05-23 23:29Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2968",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024084"
},
{
"db": "NVD",
"id": "CVE-2024-51011"
}
]
},
"cve": "CVE-2024-51011",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51011",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024084",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51011",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024084",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024084"
},
{
"db": "NVD",
"id": "CVE-2024-51011"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51011"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024084"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51011",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024084",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024084"
},
{
"db": "NVD",
"id": "CVE-2024-51011"
}
]
},
"id": "VAR-202411-2968",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.46084976
},
"last_update_date": "2025-05-23T23:29:53.094000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024084"
},
{
"db": "NVD",
"id": "CVE-2024-51011"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear5/vuln_52/52.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51011"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024084"
},
{
"db": "NVD",
"id": "CVE-2024-51011"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024084"
},
{
"db": "NVD",
"id": "CVE-2024-51011"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024084"
},
{
"date": "2024-11-05T15:15:24.970000",
"db": "NVD",
"id": "CVE-2024-51011"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T01:34:00",
"db": "JVNDB",
"id": "JVNDB-2024-024084"
},
{
"date": "2025-05-21T20:23:30.427000",
"db": "NVD",
"id": "CVE-2024-51011"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024084"
}
],
"trust": 0.8
}
}
VAR-202411-2363
Vulnerability from variot - Updated: 2025-05-23 23:26Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2363",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024103"
},
{
"db": "NVD",
"id": "CVE-2024-52025"
}
]
},
"cve": "CVE-2024-52025",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52025",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024103",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52025",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024103",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024103"
},
{
"db": "NVD",
"id": "CVE-2024-52025"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52025"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024103"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52025",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024103",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024103"
},
{
"db": "NVD",
"id": "CVE-2024-52025"
}
]
},
"id": "VAR-202411-2363",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.46084976
},
"last_update_date": "2025-05-23T23:26:11.583000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024103"
},
{
"db": "NVD",
"id": "CVE-2024-52025"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear5/vuln_52/52.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52025"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024103"
},
{
"db": "NVD",
"id": "CVE-2024-52025"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024103"
},
{
"db": "NVD",
"id": "CVE-2024-52025"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024103"
},
{
"date": "2024-11-05T15:15:27.313000",
"db": "NVD",
"id": "CVE-2024-52025"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T06:49:00",
"db": "JVNDB",
"id": "JVNDB-2024-024103"
},
{
"date": "2025-05-21T20:12:26.193000",
"db": "NVD",
"id": "CVE-2024-52025"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024103"
}
],
"trust": 0.8
}
}
VAR-202411-3289
Vulnerability from variot - Updated: 2025-05-23 23:25Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at bsw_pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-3289",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024097"
},
{
"db": "NVD",
"id": "CVE-2024-52026"
}
]
},
"cve": "CVE-2024-52026",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52026",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024097",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52026",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024097",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024097"
},
{
"db": "NVD",
"id": "CVE-2024-52026"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at bsw_pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52026"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024097"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52026",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024097",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024097"
},
{
"db": "NVD",
"id": "CVE-2024-52026"
}
]
},
"id": "VAR-202411-3289",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.46084976
},
"last_update_date": "2025-05-23T23:25:50.173000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024097"
},
{
"db": "NVD",
"id": "CVE-2024-52026"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear5/vuln_52/52.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52026"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024097"
},
{
"db": "NVD",
"id": "CVE-2024-52026"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024097"
},
{
"db": "NVD",
"id": "CVE-2024-52026"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024097"
},
{
"date": "2024-11-05T15:15:27.397000",
"db": "NVD",
"id": "CVE-2024-52026"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T02:30:00",
"db": "JVNDB",
"id": "JVNDB-2024-024097"
},
{
"date": "2025-05-21T20:12:14.193000",
"db": "NVD",
"id": "CVE-2024-52026"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024097"
}
],
"trust": 0.8
}
}
VAR-202411-3146
Vulnerability from variot - Updated: 2025-05-23 23:23Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. R8500 firmware, XR300 firmware, R7000P For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-3146",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"cve": "CVE-2024-51010",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51010",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-024105",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51010",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024105",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component ap_mode.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. R8500 firmware, XR300 firmware, R7000P For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51010"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51010",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024105",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"id": "VAR-202411-3146",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-23T23:23:13.757000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_48/48.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51010"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"date": "2024-11-05T15:15:24.887000",
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T06:49:00",
"db": "JVNDB",
"id": "JVNDB-2024-024105"
},
{
"date": "2025-05-21T19:59:27.137000",
"db": "NVD",
"id": "CVE-2024-51010"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "in multiple NETGEAR products. \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024105"
}
],
"trust": 0.8
}
}
VAR-202411-2011
Vulnerability from variot - Updated: 2025-05-23 23:20Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"cve": "CVE-2024-52014",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52014",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024070",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52014",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024070",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52014"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52014",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024070",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"id": "VAR-202411-2011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-23T23:20:49.575000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_43/43.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52014"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"date": "2024-11-05T15:15:26.430000",
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T01:28:00",
"db": "JVNDB",
"id": "JVNDB-2024-024070"
},
{
"date": "2025-05-21T20:24:11.200000",
"db": "NVD",
"id": "CVE-2024-52014"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024070"
}
],
"trust": 0.8
}
}
VAR-202411-2191
Vulnerability from variot - Updated: 2025-05-23 23:18Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component wlg_adv.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. R8500 firmware, XR300 firmware, R7000P A command injection vulnerability exists in the firmware and other parts of multiple NETGEAR products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2191",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"cve": "CVE-2024-52022",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52022",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-024098",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52022",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024098",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component wlg_adv.cgi via the apmode_gateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. R8500 firmware, XR300 firmware, R7000P A command injection vulnerability exists in the firmware and other parts of multiple NETGEAR products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52022"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52022",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024098",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"id": "VAR-202411-2191",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-23T23:18:07.913000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_48/48.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52022"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"date": "2024-11-05T15:15:27.070000",
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T02:30:00",
"db": "JVNDB",
"id": "JVNDB-2024-024098"
},
{
"date": "2025-05-21T20:23:37.760000",
"db": "NVD",
"id": "CVE-2024-52022"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Command injection vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024098"
}
],
"trust": 0.8
}
}
VAR-202411-2364
Vulnerability from variot - Updated: 2025-05-23 23:15Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2364",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"cve": "CVE-2024-52016",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52016",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024082",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52016",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024082",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52016"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52016",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024082",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"id": "VAR-202411-2364",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-23T23:15:48.338000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_49/49.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52016"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"date": "2024-11-05T15:15:26.597000",
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T01:33:00",
"db": "JVNDB",
"id": "JVNDB-2024-024082"
},
{
"date": "2025-05-21T20:23:46.587000",
"db": "NVD",
"id": "CVE-2024-52016"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024082"
}
],
"trust": 0.8
}
}
VAR-202411-2742
Vulnerability from variot - Updated: 2025-05-23 23:15Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at wizpppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2742",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024104"
},
{
"db": "NVD",
"id": "CVE-2024-52024"
}
]
},
"cve": "CVE-2024-52024",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52024",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024104",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52024",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024104",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024104"
},
{
"db": "NVD",
"id": "CVE-2024-52024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at wizpppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52024"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024104"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52024",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024104",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024104"
},
{
"db": "NVD",
"id": "CVE-2024-52024"
}
]
},
"id": "VAR-202411-2742",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.46084976
},
"last_update_date": "2025-05-23T23:15:48.308000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024104"
},
{
"db": "NVD",
"id": "CVE-2024-52024"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear5/vuln_52/52.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52024"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024104"
},
{
"db": "NVD",
"id": "CVE-2024-52024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024104"
},
{
"db": "NVD",
"id": "CVE-2024-52024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024104"
},
{
"date": "2024-11-05T15:15:27.233000",
"db": "NVD",
"id": "CVE-2024-52024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T06:49:00",
"db": "JVNDB",
"id": "JVNDB-2024-024104"
},
{
"date": "2025-05-21T20:12:43.467000",
"db": "NVD",
"id": "CVE-2024-52024"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024104"
}
],
"trust": 0.8
}
}
VAR-202411-2010
Vulnerability from variot - Updated: 2025-05-23 23:11Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe2.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2010",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024087"
},
{
"db": "NVD",
"id": "CVE-2024-52023"
}
]
},
"cve": "CVE-2024-52023",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-52023",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-024087",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-52023",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024087",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024087"
},
{
"db": "NVD",
"id": "CVE-2024-52023"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe2.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. of netgear XR300 firmware, R7000P firmware, R6400v2 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-52023"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024087"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-52023",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024087",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024087"
},
{
"db": "NVD",
"id": "CVE-2024-52023"
}
]
},
"id": "VAR-202411-2010",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.46084976
},
"last_update_date": "2025-05-23T23:11:23.264000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024087"
},
{
"db": "NVD",
"id": "CVE-2024-52023"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear5/vuln_52/52.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-52023"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024087"
},
{
"db": "NVD",
"id": "CVE-2024-52023"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024087"
},
{
"db": "NVD",
"id": "CVE-2024-52023"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024087"
},
{
"date": "2024-11-05T15:15:27.157000",
"db": "NVD",
"id": "CVE-2024-52023"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T01:38:00",
"db": "JVNDB",
"id": "JVNDB-2024-024087"
},
{
"date": "2025-05-21T20:12:52.203000",
"db": "NVD",
"id": "CVE-2024-52023"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024087"
}
],
"trust": 0.8
}
}
VAR-202411-2226
Vulnerability from variot - Updated: 2025-05-23 19:33Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. of netgear XR300 firmware, R7000P firmware, R6400v2 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2226",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024083"
},
{
"db": "NVD",
"id": "CVE-2024-51021"
}
]
},
"cve": "CVE-2024-51021",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51021",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-024083",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51021",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024083",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024083"
},
{
"db": "NVD",
"id": "CVE-2024-51021"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wan_gateway parameter at genie_fix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. of netgear XR300 firmware, R7000P firmware, R6400v2 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51021"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024083"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51021",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024083",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024083"
},
{
"db": "NVD",
"id": "CVE-2024-51021"
}
]
},
"id": "VAR-202411-2226",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.46084976
},
"last_update_date": "2025-05-23T19:33:36.553000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024083"
},
{
"db": "NVD",
"id": "CVE-2024-51021"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear5/vuln_57/57.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51021"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024083"
},
{
"db": "NVD",
"id": "CVE-2024-51021"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024083"
},
{
"db": "NVD",
"id": "CVE-2024-51021"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024083"
},
{
"date": "2024-11-05T15:15:25.780000",
"db": "NVD",
"id": "CVE-2024-51021"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-22T01:34:00",
"db": "JVNDB",
"id": "JVNDB-2024-024083"
},
{
"date": "2025-05-21T20:13:00.310000",
"db": "NVD",
"id": "CVE-2024-51021"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "in multiple NETGEAR products. \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024083"
}
],
"trust": 0.8
}
}
VAR-202411-2594
Vulnerability from variot - Updated: 2025-05-10 23:12Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2594",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"cve": "CVE-2024-50996",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-50996",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023556",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-50996",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023556",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-50996"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-50996",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023556",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"id": "VAR-202411-2594",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-10T23:12:10.190000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_37/37.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-50996"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"date": "2024-11-05T15:15:23.703000",
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-09T00:50:00",
"db": "JVNDB",
"id": "JVNDB-2024-023556"
},
{
"date": "2025-05-07T15:25:23.087000",
"db": "NVD",
"id": "CVE-2024-50996"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023556"
}
],
"trust": 0.8
}
}
VAR-202411-2227
Vulnerability from variot - Updated: 2025-05-09 23:31Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2227",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"cve": "CVE-2024-51003",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51003",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023483",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51003",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023483",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51003"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51003",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023483",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"id": "VAR-202411-2227",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-09T23:31:15.533000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_49/49.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51003"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"date": "2024-11-05T15:15:24.300000",
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-08T04:42:00",
"db": "JVNDB",
"id": "JVNDB-2024-023483"
},
{
"date": "2025-05-07T15:24:54.143000",
"db": "NVD",
"id": "CVE-2024-51003"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023483"
}
],
"trust": 0.8
}
}
VAR-202411-2043
Vulnerability from variot - Updated: 2025-05-09 03:02Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2043",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"cve": "CVE-2024-50997",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-50997",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023438",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-50997",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023438",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-50997"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-50997",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023438",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"id": "VAR-202411-2043",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-09T03:02:44.331000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_43/43.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-50997"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"date": "2024-11-05T15:15:23.783000",
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-08T00:36:00",
"db": "JVNDB",
"id": "JVNDB-2024-023438"
},
{
"date": "2025-05-01T18:22:26.830000",
"db": "NVD",
"id": "CVE-2024-50997"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023438"
}
],
"trust": 0.8
}
}
VAR-202411-2969
Vulnerability from variot - Updated: 2025-05-02 22:44Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202411-2969",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.128"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.154"
},
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.160"
},
{
"model": "xr300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.78"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"cve": "CVE-2024-51002",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"id": "CVE-2024-51002",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2024-023022",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-51002",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2024-023022",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. R8500 firmware, XR300 firmware, R7000P A classic buffer overflow vulnerability exists in multiple Netgear products, including firmware.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-51002"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-51002",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-023022",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"id": "VAR-202411-2969",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.47773457333333336
},
"last_update_date": "2025-05-02T22:44:17.834000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.0,
"url": "https://github.com/wudipjq/my_vuln/blob/main/netgear4/vuln_42/42.md"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-51002"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"date": "2024-11-05T15:15:24.217000",
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-01T01:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-023022"
},
{
"date": "2025-04-30T16:30:32.437000",
"db": "NVD",
"id": "CVE-2024-51002"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Classic buffer overflow vulnerability in multiple Netgear products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-023022"
}
],
"trust": 0.8
}
}
VAR-202212-2397
Vulnerability from variot - Updated: 2025-04-11 23:05Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152, R7000 before 1.0.11.136, R7960P before 1.4.4.94, and R8000P before 1.4.4.94. plural NETGEAR device Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects RAX40 prior to 1.0.2.60, RAX35 prior to 1.0.2.60, R6400v2 prior to 1.0.4.122, R6700v3 prior to 1.0.4.122, R6900P prior to 1.3.3.152, R7000P prior to 1.3.3.152, R7000 prior to 1.0.11.136, R7960P prior to 1.4.4.94, and R8000P prior to 1.4.4.94
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-2397",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.152"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.4.94"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.122"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.4.94"
},
{
"model": "rax40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.136"
},
{
"model": "rax35",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.122"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.152"
},
{
"model": "rax40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rax35",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7960p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"db": "NVD",
"id": "CVE-2022-48196"
}
]
},
"cve": "CVE-2022-48196",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2022-48196",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-48196",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-48196",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cve@mitre.org",
"id": "CVE-2022-48196",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-48196",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2022-48196",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-4129",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-4129"
},
{
"db": "NVD",
"id": "CVE-2022-48196"
},
{
"db": "NVD",
"id": "CVE-2022-48196"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152, R7000 before 1.0.11.136, R7960P before 1.4.4.94, and R8000P before 1.4.4.94. plural NETGEAR device Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects RAX40 prior to 1.0.2.60, RAX35 prior to 1.0.2.60, R6400v2 prior to 1.0.4.122, R6700v3 prior to 1.0.4.122, R6900P prior to 1.3.3.152, R7000P prior to 1.3.3.152, R7000 prior to 1.0.11.136, R7960P prior to 1.4.4.94, and R8000P prior to 1.4.4.94",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-48196"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"db": "VULMON",
"id": "CVE-2022-48196"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-48196",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004429",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202212-4129",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-48196",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-48196"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-4129"
},
{
"db": "NVD",
"id": "CVE-2022-48196"
}
]
},
"id": "VAR-202212-2397",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.30824883875000003
},
"last_update_date": "2025-04-11T23:05:21.764000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2019-0208",
"trust": 0.8,
"url": "https://kb.netgear.com/000065495/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2019-0208"
},
{
"title": "Multiple NETGEAR product Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=220822"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-4129"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"db": "NVD",
"id": "CVE-2022-48196"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-recently-fixed-wifi-router-bug/"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000065495/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-psv-2019-0208"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-48196"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-48196/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-48196"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-4129"
},
{
"db": "NVD",
"id": "CVE-2022-48196"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-48196"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-4129"
},
{
"db": "NVD",
"id": "CVE-2022-48196"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-30T00:00:00",
"db": "VULMON",
"id": "CVE-2022-48196"
},
{
"date": "2023-04-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"date": "2022-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-4129"
},
{
"date": "2022-12-30T08:15:07.900000",
"db": "NVD",
"id": "CVE-2022-48196"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-30T00:00:00",
"db": "VULMON",
"id": "CVE-2022-48196"
},
{
"date": "2023-04-11T07:53:00",
"db": "JVNDB",
"id": "JVNDB-2022-004429"
},
{
"date": "2023-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-4129"
},
{
"date": "2025-04-10T19:15:50.267000",
"db": "NVD",
"id": "CVE-2022-48196"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-4129"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 device \u00a0 Classic buffer overflow vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-004429"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-4129"
}
],
"trust": 0.6
}
}
VAR-202004-1342
Vulnerability from variot - Updated: 2024-11-23 23:11plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR WNR2020 and so on are all products of NETGEAR. NETGEAR WNR2020 is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6220 is a wireless modem.
A number of NETGEAR products have input validation error vulnerabilities that result from security configuration errors. No detailed vulnerability details are currently available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1342",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.0.60"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.0.26"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.2.0.2"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.4.6"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.4.6"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.2"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.2"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "pr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "jnr1010v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jwnr2010v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wnr1000v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr3700v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "r6700v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.2"
},
{
"model": "r6900v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.2"
},
{
"model": "wndr4300v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.52"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31324"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"db": "NVD",
"id": "CVE-2017-18778"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
}
]
},
"cve": "CVE-2017-18778",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18778",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014917",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-31324",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2017-18778",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2017-18778",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014917",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18778",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18778",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014917",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-31324",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1882",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31324"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1882"
},
{
"db": "NVD",
"id": "CVE-2017-18778"
},
{
"db": "NVD",
"id": "CVE-2017-18778"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR WNR2020 and so on are all products of NETGEAR. NETGEAR WNR2020 is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6220 is a wireless modem. \n\r\n\r\nA number of NETGEAR products have input validation error vulnerabilities that result from security configuration errors. No detailed vulnerability details are currently available",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"db": "CNVD",
"id": "CNVD-2020-31324"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18778",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014917",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-31324",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1882",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31324"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1882"
},
{
"db": "NVD",
"id": "CVE-2017-18778"
}
]
},
"id": "VAR-202004-1342",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31324"
}
],
"trust": 1.1785081257894738
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31324"
}
]
},
"last_update_date": "2024-11-23T23:11:27.105000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Routers and Gateways, PSV-2017-2957",
"trust": 0.8,
"url": "https://kb.netgear.com/000049543/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2017-2957"
},
{
"title": "Patch for Multiple NETGEAR product input verification error vulnerabilities (CNVD-2020-31324)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/220045"
},
{
"title": "Multiple NETGEAR Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117240"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31324"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1882"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"db": "NVD",
"id": "CVE-2017-18778"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18778"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049543/security-advisory-for-security-misconfiguration-on-some-routers-and-gateways-psv-2017-2957"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18778"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31324"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1882"
},
{
"db": "NVD",
"id": "CVE-2017-18778"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-31324"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1882"
},
{
"db": "NVD",
"id": "CVE-2017-18778"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31324"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1882"
},
{
"date": "2020-04-22T15:15:12.253000",
"db": "NVD",
"id": "CVE-2017-18778"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31324"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014917"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1882"
},
{
"date": "2024-11-21T03:20:53.747000",
"db": "NVD",
"id": "CVE-2017-18778"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1882"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Input verification vulnerabilities on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014917"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1882"
}
],
"trust": 0.6
}
}
VAR-202112-2299
Vulnerability from variot - Updated: 2024-11-23 23:11Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before 1.3.2.126. This affects R7000 prior to 1.0.11.110, R7900 prior to 1.0.4.30, R8000 prior to 1.0.4.62, RS400 prior to 1.5.1.80, R6400v2 prior to 1.0.4.102, R7000P prior to 1.3.2.126, R6700v3 prior to 1.0.4.102, and R6900P prior to 1.3.2.126
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.126"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.126"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.110"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.30"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.102"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.102"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.62"
},
{
"model": "r7000p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7900",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rs400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"db": "NVD",
"id": "CVE-2021-45650"
}
]
},
"cve": "CVE-2021-45650",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-45650",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-45650",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-45650",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45650",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45650",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45650",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-45650",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2446",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-45650",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45650"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2446"
},
{
"db": "NVD",
"id": "CVE-2021-45650"
},
{
"db": "NVD",
"id": "CVE-2021-45650"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before 1.3.2.126. This affects R7000 prior to 1.0.11.110, R7900 prior to 1.0.4.30, R8000 prior to 1.0.4.62, RS400 prior to 1.5.1.80, R6400v2 prior to 1.0.4.102, R7000P prior to 1.3.2.126, R6700v3 prior to 1.0.4.102, and R6900P prior to 1.3.2.126",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45650"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"db": "VULMON",
"id": "CVE-2021-45650"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45650",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017173",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2446",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45650",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45650"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2446"
},
{
"db": "NVD",
"id": "CVE-2021-45650"
}
]
},
"id": "VAR-202112-2299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.32497122
},
"last_update_date": "2024-11-23T23:11:03.097000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Sensitive\u00a0Information\u00a0Disclosure\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2020-0117",
"trust": 0.8,
"url": "https://kb.netgear.com/000064459/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2020-0117"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176208"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2446"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.0
},
{
"problemtype": "information leak (CWE-200) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"db": "NVD",
"id": "CVE-2021-45650"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064459/security-advisory-for-sensitive-information-disclosure-on-some-routers-psv-2020-0117"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45650"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45650"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2446"
},
{
"db": "NVD",
"id": "CVE-2021-45650"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45650"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2446"
},
{
"db": "NVD",
"id": "CVE-2021-45650"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45650"
},
{
"date": "2023-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2446"
},
{
"date": "2021-12-26T01:15:20.103000",
"db": "NVD",
"id": "CVE-2021-45650"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-06T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45650"
},
{
"date": "2023-01-06T05:43:00",
"db": "JVNDB",
"id": "JVNDB-2021-017173"
},
{
"date": "2022-01-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2446"
},
{
"date": "2024-11-21T06:32:47.083000",
"db": "NVD",
"id": "CVE-2021-45650"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2446"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Device information disclosure vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017173"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2446"
}
],
"trust": 0.6
}
}
VAR-202112-2341
Vulnerability from variot - Updated: 2024-11-23 23:11Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of "rather significant complexity" but not "impossible." The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122. NETGEAR D7800 , R6400v2 , R6700v3 Exists in an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2341",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.122"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.122"
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"db": "NVD",
"id": "CVE-2021-45608"
}
]
},
"cve": "CVE-2021-45608",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-45608",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-45608",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2021-45608",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45608",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45608",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45608",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-45608",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2402",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-45608",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45608"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2402"
},
{
"db": "NVD",
"id": "CVE-2021-45608"
},
{
"db": "NVD",
"id": "CVE-2021-45608"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface (TCP port 20005) cannot be ruled out; however, exploitability was judged to be of \"rather significant complexity\" but not \"impossible.\" The overflow is in SoftwareBus_dispatchNormalEPMsgOut in the KCodes NetUSB kernel module. Affected NETGEAR devices are D7800 before 1.0.1.68, R6400v2 before 1.0.4.122, and R6700v3 before 1.0.4.122. NETGEAR D7800 , R6400v2 , R6700v3 Exists in an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45608"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"db": "VULMON",
"id": "CVE-2021-45608"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45608",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017175",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2022011308",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2402",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45608",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45608"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2402"
},
{
"db": "NVD",
"id": "CVE-2021-45608"
}
]
},
"id": "VAR-202112-2341",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37054796000000007
},
"last_update_date": "2024-11-23T23:11:03.048000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Multiple\u00a0Products,\u00a0PSV-2021-0278",
"trust": 0.8,
"url": "https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=177123"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/khanhdz191/linux-kernel-exploitation "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45608"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2402"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.0
},
{
"problemtype": "Integer overflow or wraparound (CWE-190) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"db": "NVD",
"id": "CVE-2021-45608"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.sentinelone.com/labs/cve-2021-45608-netusb-rce-flaw-in-millions-of-end-user-routers/"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064437/security-advisory-for-pre-authentication-buffer-overflow-on-multiple-products-psv-2021-0278"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45608"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022011308"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/khanhdz191/linux-kernel-exploitation"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45608"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2402"
},
{
"db": "NVD",
"id": "CVE-2021-45608"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45608"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2402"
},
{
"db": "NVD",
"id": "CVE-2021-45608"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45608"
},
{
"date": "2023-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2402"
},
{
"date": "2021-12-26T01:15:18.083000",
"db": "NVD",
"id": "CVE-2021-45608"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45608"
},
{
"date": "2023-01-06T06:08:00",
"db": "JVNDB",
"id": "JVNDB-2021-017175"
},
{
"date": "2022-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2402"
},
{
"date": "2024-11-21T06:32:39.413000",
"db": "NVD",
"id": "CVE-2021-45608"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2402"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Integer overflow vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017175"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2402"
}
],
"trust": 0.6
}
}
VAR-202004-0735
Vulnerability from variot - Updated: 2024-11-23 23:08Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0735",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "jndr3000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.1.4.16"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.32"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.0.10"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "jndr3000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "rbw30",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.1.4.16"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "dgn2200v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "wndr4500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "wn3100rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jndr3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbw30_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
}
]
},
"cve": "CVE-2019-20755",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-20755",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015460",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2021-61061",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20755",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20755",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015460",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20755",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20755",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015460",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-61061",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1366",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20755"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNVD",
"id": "CNVD-2021-61061"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20755",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-61061",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"id": "VAR-202004-0735",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
}
],
"trust": 1.1059655375806452
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
}
]
},
"last_update_date": "2024-11-23T23:08:03.214000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers, Modem Routers, Extenders, and Orbi Satellites, PSV-2018-0053",
"trust": 0.8,
"url": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61061)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/285351"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115026"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20755"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000060627/security-advisory-for-post-authentication-stack-overflow-on-some-routers-modem-routers-extenders-and-orbi-satellites-psv-2018-0053"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20755"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"date": "2020-04-16T22:15:12.930000",
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"date": "2024-11-21T04:39:16.770000",
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
}
],
"trust": 0.6
}
}
VAR-202004-0924
Vulnerability from variot - Updated: 2024-11-23 23:07Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400v2 before 1.0.4.84, R6700 before 1.0.2.8, R6700v3 before 1.0.4.84, R6900 before 1.0.2.8, and R7900 before 1.0.3.10. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6400 is a wireless router of NETGEAR.
There are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0924",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.8"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.8"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v2 1.0.4.84"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.8"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v3 1.0.4.84"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.84"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27210"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"db": "NVD",
"id": "CVE-2019-20659"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
}
]
},
"cve": "CVE-2019-20659",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2019-20659",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015361",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2020-27210",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2019-20659",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20659",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015361",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20659",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20659",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015361",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-27210",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1227",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27210"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1227"
},
{
"db": "NVD",
"id": "CVE-2019-20659"
},
{
"db": "NVD",
"id": "CVE-2019-20659"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400v2 before 1.0.4.84, R6700 before 1.0.2.8, R6700v3 before 1.0.4.84, R6900 before 1.0.2.8, and R7900 before 1.0.3.10. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6400 is a wireless router of NETGEAR. \n\r\n\r\nThere are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20659"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"db": "CNVD",
"id": "CNVD-2020-27210"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20659",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015361",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-27210",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1227",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27210"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1227"
},
{
"db": "NVD",
"id": "CVE-2019-20659"
}
]
},
"id": "VAR-202004-0924",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27210"
}
],
"trust": 1.0077487133333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27210"
}
]
},
"last_update_date": "2024-11-23T23:07:59.147000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Command Injection on Some Routers, PSV-2018-0567",
"trust": 0.8,
"url": "https://kb.netgear.com/000061480/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0567"
},
{
"title": "Patch for Multiple NETGEAR product injection vulnerabilities (CNVD-2020-27210)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/216865"
},
{
"title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116526"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27210"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1227"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-74",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"db": "NVD",
"id": "CVE-2019-20659"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20659"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061480/security-advisory-for-post-authentication-command-injection-on-some-routers-psv-2018-0567"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20659"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-27210"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1227"
},
{
"db": "NVD",
"id": "CVE-2019-20659"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-27210"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1227"
},
{
"db": "NVD",
"id": "CVE-2019-20659"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-27210"
},
{
"date": "2020-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"date": "2020-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1227"
},
{
"date": "2020-04-15T19:15:13.300000",
"db": "NVD",
"id": "CVE-2019-20659"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-27210"
},
{
"date": "2020-05-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015361"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1227"
},
{
"date": "2024-11-21T04:38:59.560000",
"db": "NVD",
"id": "CVE-2019-20659"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1227"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015361"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1227"
}
],
"trust": 0.6
}
}
VAR-202112-2306
Vulnerability from variot - Updated: 2024-11-23 23:07Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, and XR1000 before 1.0.0.58. NETGEAR R6400v2 , R6700v3 , XR1000 Exists in unspecified vulnerabilities.Information may be tampered with. This affects R6400v2 prior to 1.0.4.118, R6700v3 prior to 1.0.4.118, and XR1000 prior to 1.0.0.58
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2306",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6700v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xr1000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"db": "NVD",
"id": "CVE-2021-45643"
}
]
},
"cve": "CVE-2021-45643",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-45643",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-45643",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-45643",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-45643",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45643",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45643",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-45643",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2442",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-45643",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45643"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2442"
},
{
"db": "NVD",
"id": "CVE-2021-45643"
},
{
"db": "NVD",
"id": "CVE-2021-45643"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, and XR1000 before 1.0.0.58. NETGEAR R6400v2 , R6700v3 , XR1000 Exists in unspecified vulnerabilities.Information may be tampered with. This affects R6400v2 prior to 1.0.4.118, R6700v3 prior to 1.0.4.118, and XR1000 prior to 1.0.0.58",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45643"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"db": "VULMON",
"id": "CVE-2021-45643"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45643",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017033",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2442",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45643",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45643"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2442"
},
{
"db": "NVD",
"id": "CVE-2021-45643"
}
]
},
"id": "VAR-202112-2306",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.30590709000000005
},
"last_update_date": "2024-11-23T23:07:30.648000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Security\u00a0Misconfiguration\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2021-0035",
"trust": 0.8,
"url": "https://kb.netgear.com/000064159/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2021-0035"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176678"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2442"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"db": "NVD",
"id": "CVE-2021-45643"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064159/security-advisory-for-security-misconfiguration-on-some-routers-psv-2021-0035"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45643"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45643"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2442"
},
{
"db": "NVD",
"id": "CVE-2021-45643"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45643"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2442"
},
{
"db": "NVD",
"id": "CVE-2021-45643"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45643"
},
{
"date": "2022-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2442"
},
{
"date": "2021-12-26T01:15:19.780000",
"db": "NVD",
"id": "CVE-2021-45643"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45643"
},
{
"date": "2022-12-28T02:08:00",
"db": "JVNDB",
"id": "JVNDB-2021-017033"
},
{
"date": "2022-01-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2442"
},
{
"date": "2024-11-21T06:32:45.707000",
"db": "NVD",
"id": "CVE-2021-45643"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2442"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017033"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2442"
}
],
"trust": 0.6
}
}
VAR-202112-2327
Vulnerability from variot - Updated: 2024-11-23 23:07Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 4.6.3.6, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, EX7500 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MK62 prior to 1.0.6.116, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.118, R6700v3 prior to 1.0.4.118, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.116, R7000P prior to 1.3.3.140, R7850 prior to 1.0.5.68, R7900 prior to 1.0.4.38, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.68, R8000P prior to 1.4.2.84, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2327",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.68"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "eax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "eax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "cbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.5.0.24"
},
{
"model": "cbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "4.6.3.6"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.38"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.28"
},
{
"model": "rax40v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "rax35v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.68"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.116"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.68"
},
{
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "eax80",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr40",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mk62",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"cve": "CVE-2021-45622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-45622",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-45622",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-45622",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45622",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45622",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45622",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-45622",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2418",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 4.6.3.6, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, EX7500 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MK62 prior to 1.0.6.116, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.118, R6700v3 prior to 1.0.4.118, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.116, R7000P prior to 1.3.3.140, R7850 prior to 1.0.5.68, R7900 prior to 1.0.4.38, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.68, R8000P prior to 1.4.2.84, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45622"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "VULMON",
"id": "CVE-2021-45622"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45622",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45622",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"id": "VAR-202112-2327",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3053594013333333
},
"last_update_date": "2024-11-23T23:07:30.624000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0506",
"trust": 0.8,
"url": "https://kb.netgear.com/000064499/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0506"
},
{
"title": "Netgear RBR750 and NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176397"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064509/security-advisory-for-pre-authentication-command-injection-on-some-routers-extender-wifi-systems-psv-2020-0506"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45622"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"date": "2023-01-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"date": "2021-12-26T01:15:18.810000",
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45622"
},
{
"date": "2023-01-25T02:01:00",
"db": "JVNDB",
"id": "JVNDB-2021-017541"
},
{
"date": "2022-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2418"
},
{
"date": "2024-11-21T06:32:42.160000",
"db": "NVD",
"id": "CVE-2021-45622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017541"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2418"
}
],
"trust": 0.6
}
}
VAR-202004-0781
Vulnerability from variot - Updated: 2024-11-23 23:04Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D8500 before 1.0.3.43, R6250 before 1.0.4.34, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R7000P before 1.4.1.30, R7100LG before 1.0.0.48, R7300DST before 1.0.0.68, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all products of NETGEAR. NETGEAR R6250 is a wireless router. NETGEAR R6400 is a wireless router. NETGEAR D6220 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0781",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.8"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.43"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.43"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.62"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30690"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"db": "NVD",
"id": "CVE-2019-20719"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300dst_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wayne Low of Fortinets FortiGuard Labs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1303"
}
],
"trust": 0.6
},
"cve": "CVE-2019-20719",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-20719",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015413",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-30690",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20719",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20719",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015413",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20719",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20719",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015413",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-30690",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1303",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30690"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1303"
},
{
"db": "NVD",
"id": "CVE-2019-20719"
},
{
"db": "NVD",
"id": "CVE-2019-20719"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D8500 before 1.0.3.43, R6250 before 1.0.4.34, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R7000P before 1.4.1.30, R7100LG before 1.0.0.48, R7300DST before 1.0.0.68, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all products of NETGEAR. NETGEAR R6250 is a wireless router. NETGEAR R6400 is a wireless router. NETGEAR D6220 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20719"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"db": "CNVD",
"id": "CNVD-2020-30690"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20719",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015413",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-30690",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1303",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30690"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1303"
},
{
"db": "NVD",
"id": "CVE-2019-20719"
}
]
},
"id": "VAR-202004-0781",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30690"
}
],
"trust": 1.0174983
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30690"
}
]
},
"last_update_date": "2024-11-23T23:04:26.067000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2018-0194",
"trust": 0.8,
"url": "https://kb.netgear.com/000061209/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0194"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-30690)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/219477"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116572"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30690"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1303"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"db": "NVD",
"id": "CVE-2019-20719"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20719"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061209/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2018-0194"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20719"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30690"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1303"
},
{
"db": "NVD",
"id": "CVE-2019-20719"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-30690"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1303"
},
{
"db": "NVD",
"id": "CVE-2019-20719"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30690"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1303"
},
{
"date": "2020-04-16T19:15:25.087000",
"db": "NVD",
"id": "CVE-2019-20719"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30690"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015413"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1303"
},
{
"date": "2024-11-21T04:39:10.643000",
"db": "NVD",
"id": "CVE-2019-20719"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1303"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015413"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1303"
}
],
"trust": 0.6
}
}
VAR-202004-1302
Vulnerability from variot - Updated: 2024-11-23 23:04Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 before V1.0.0.52, R8300 before V1.0.2.94, R8500 before V1.0.2.100, D6220 before V1.0.0.28, D6400 before V1.0.0.60, and D8500 before V1.0.3.29. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R6400 is a wireless router. NETGEAR R8300 is a wireless router
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1302",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.100"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.100"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.32"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31316"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"db": "NVD",
"id": "CVE-2017-18789"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
}
]
},
"cve": "CVE-2017-18789",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18789",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014875",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-31316",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-18789",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2017-18789",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014875",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18789",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18789",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014875",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-31316",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1864",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31316"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1864"
},
{
"db": "NVD",
"id": "CVE-2017-18789"
},
{
"db": "NVD",
"id": "CVE-2017-18789"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 before V1.0.0.52, R8300 before V1.0.2.94, R8500 before V1.0.2.100, D6220 before V1.0.0.28, D6400 before V1.0.0.60, and D8500 before V1.0.3.29. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R6400 is a wireless router. NETGEAR R8300 is a wireless router",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18789"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"db": "CNVD",
"id": "CNVD-2020-31316"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18789",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014875",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-31316",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1864",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31316"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1864"
},
{
"db": "NVD",
"id": "CVE-2017-18789"
}
]
},
"id": "VAR-202004-1302",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31316"
}
],
"trust": 1.067344489
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31316"
}
]
},
"last_update_date": "2024-11-23T23:04:25.209000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Sensitive Information Disclosure Vulnerability on Some Routers and Some DSL Modem Routers, PSV-2017-0426",
"trust": 0.8,
"url": "https://kb.netgear.com/000049373/Security-Advisory-for-Sensitive-Information-Disclosure-Vulnerability-on-Some-Routers-and-Some-DSL-Modem-Routers-PSV-2017-0426"
},
{
"title": "Patch for Multiple NETGEAR product information disclosure vulnerabilities (CNVD-2020-31316)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/220095"
},
{
"title": "Multiple NETGEAR Product information disclosure vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31316"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1864"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"db": "NVD",
"id": "CVE-2017-18789"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18789"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049373/security-advisory-for-sensitive-information-disclosure-vulnerability-on-some-routers-and-some-dsl-modem-routers-psv-2017-0426"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18789"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31316"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1864"
},
{
"db": "NVD",
"id": "CVE-2017-18789"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-31316"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1864"
},
{
"db": "NVD",
"id": "CVE-2017-18789"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31316"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1864"
},
{
"date": "2020-04-22T14:15:11.877000",
"db": "NVD",
"id": "CVE-2017-18789"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31316"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014875"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1864"
},
{
"date": "2024-11-21T03:20:55.663000",
"db": "NVD",
"id": "CVE-2017-18789"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1864"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014875"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1864"
}
],
"trust": 0.6
}
}
VAR-202004-1323
Vulnerability from variot - Updated: 2024-11-23 23:04Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D8500 through 1.0.3.28, R6400 through 1.0.1.22, R6400v2 through 1.0.2.18, R8300 through 1.0.2.94, R8500 through 1.0.2.94, and R6100 through 1.0.1.12. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R6400 is a wireless router. NETGEAR R8300 is a wireless router.
Injection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1323",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.28"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.28"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r6400v2",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.2.18"
},
{
"model": "d8500",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.3.28"
},
{
"model": "r6400",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.1.22"
},
{
"model": "r8300",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.2.94"
},
{
"model": "r8500",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.2.94"
},
{
"model": "r6100",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.1.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57168"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"db": "NVD",
"id": "CVE-2017-18851"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
}
]
},
"cve": "CVE-2017-18851",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18851",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014881",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-57168",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2017-18851",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2017-18851",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014881",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18851",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18851",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014881",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-57168",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57168"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"db": "NVD",
"id": "CVE-2017-18851"
},
{
"db": "NVD",
"id": "CVE-2017-18851"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D8500 through 1.0.3.28, R6400 through 1.0.1.22, R6400v2 through 1.0.2.18, R8300 through 1.0.2.94, R8500 through 1.0.2.94, and R6100 through 1.0.1.12. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R6400 is a wireless router. NETGEAR R8300 is a wireless router. \n\r\n\r\nInjection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18851"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"db": "CNVD",
"id": "CNVD-2021-57168"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18851",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014881",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-57168",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1611",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57168"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1611"
},
{
"db": "NVD",
"id": "CVE-2017-18851"
}
]
},
"id": "VAR-202004-1323",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57168"
}
],
"trust": 1.0971869416666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57168"
}
]
},
"last_update_date": "2024-11-23T23:04:25.184000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Command Injection on Some Routers and Modem Routers, PSV-2017-1207",
"trust": 0.8,
"url": "https://kb.netgear.com/000045850/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-Modem-Routers-PSV-2017-1207"
},
{
"title": "Patch for Injection vulnerabilities in multiple NETGEAR products (CNVD-2021-57168)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/283616"
},
{
"title": "Multiple NETGEAR Product Command Injection Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116185"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57168"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1611"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-74",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"db": "NVD",
"id": "CVE-2017-18851"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18851"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000045850/security-advisory-for-post-authentication-command-injection-on-some-routers-and-modem-routers-psv-2017-1207"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18851"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57168"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1611"
},
{
"db": "NVD",
"id": "CVE-2017-18851"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-57168"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1611"
},
{
"db": "NVD",
"id": "CVE-2017-18851"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-57168"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"date": "2020-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1611"
},
{
"date": "2020-04-20T13:15:13.053000",
"db": "NVD",
"id": "CVE-2017-18851"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-57168"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014881"
},
{
"date": "2020-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1611"
},
{
"date": "2024-11-21T03:21:05.547000",
"db": "NVD",
"id": "CVE-2017-18851"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014881"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1611"
}
],
"trust": 0.6
}
}