Search criteria
70 vulnerabilities found for d6100 by netgear
VAR-201701-0161
Vulnerability from variot - Updated: 2025-11-18 15:12The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution. NETGEARWNR2000v5router is a popular router device. Netgear WNR2000 is prone to the following vulnerabilities: 1. An authentication-bypass vulnerability 2. An information disclosure vulnerability 3. Failed exploit attempts will likely cause a denial-of-service condition. Netgear WNR2000 firmware version 5 is affected; other versions may also be affected
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "wnr2000v5",
"scope": null,
"trust": 1.6,
"vendor": "net gear",
"version": null
},
{
"_id": null,
"model": "wndr4700",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr2000v5",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr2020",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr2050",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "r2000",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wndr3700v4",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr2200",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "r6100",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr614",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "r7500v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr1000v4",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wndr4500v3",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "r7500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "d7000",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wndr4300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr2000v4",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wndr4300v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "jnr3300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "d6100",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr2500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "r6220",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "d7800",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr1000v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "jnr1010v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr618",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wndr3800",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "jwnr2010v5",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr2000v3",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "wnr2000",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "5"
},
{
"_id": null,
"model": "wnr2000v5",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.34"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01201"
},
{
"db": "BID",
"id": "95867"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
},
{
"db": "NVD",
"id": "CVE-2016-10174"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:netgear:wnr2000v5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000v5_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
}
]
},
"credits": {
"_id": null,
"data": "Pedro Ribeiro.",
"sources": [
{
"db": "BID",
"id": "95867"
}
],
"trust": 0.3
},
"cve": "CVE-2016-10174",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-10174",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-01201",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-88924",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-10174",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-10174",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-10174",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2016-10174",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-10174",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-01201",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201702-105",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-88924",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-10174",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01201"
},
{
"db": "VULHUB",
"id": "VHN-88924"
},
{
"db": "VULMON",
"id": "CVE-2016-10174"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
},
{
"db": "NVD",
"id": "CVE-2016-10174"
},
{
"db": "NVD",
"id": "CVE-2016-10174"
}
]
},
"description": {
"_id": null,
"data": "The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution. NETGEARWNR2000v5router is a popular router device. Netgear WNR2000 is prone to the following vulnerabilities:\n1. An authentication-bypass vulnerability\n2. An information disclosure vulnerability\n3. Failed exploit attempts will likely cause a denial-of-service condition. \nNetgear WNR2000 firmware version 5 is affected; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-10174"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
},
{
"db": "CNVD",
"id": "CNVD-2017-01201"
},
{
"db": "BID",
"id": "95867"
},
{
"db": "VULHUB",
"id": "VHN-88924"
},
{
"db": "VULMON",
"id": "CVE-2016-10174"
}
],
"trust": 2.61
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41719",
"trust": 0.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-88924",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88924"
},
{
"db": "VULMON",
"id": "CVE-2016-10174"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-10174",
"trust": 3.5
},
{
"db": "BID",
"id": "95867",
"trust": 2.7
},
{
"db": "EXPLOIT-DB",
"id": "40949",
"trust": 1.2
},
{
"db": "EXPLOIT-DB",
"id": "41719",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201702-105",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-01201",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "141806",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88924",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-10174",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01201"
},
{
"db": "VULHUB",
"id": "VHN-88924"
},
{
"db": "VULMON",
"id": "CVE-2016-10174"
},
{
"db": "BID",
"id": "95867"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
},
{
"db": "NVD",
"id": "CVE-2016-10174"
}
]
},
"id": "VAR-201701-0161",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01201"
},
{
"db": "VULHUB",
"id": "VHN-88924"
}
],
"trust": 1.349292958888889
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01201"
}
]
},
"last_update_date": "2025-11-18T15:12:36.873000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Insecure Remote Access and Command Execution Security Vulnerability, PSV-2016-0255",
"trust": 0.8,
"url": "http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerability"
},
{
"title": "NETGEARWNR2000v5routerhidden_lang_avi patch overflow vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/89178"
},
{
"title": "NETGEAR WNR2000v5 Repair measures for router buffer error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67476"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/zyxel-and-netgear-fail-to-patch-seven-security-flaws-affecting-their-routers/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01201"
},
{
"db": "VULMON",
"id": "CVE-2016-10174"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88924"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
},
{
"db": "NVD",
"id": "CVE-2016-10174"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "https://raw.githubusercontent.com/pedrib/poc/master/advisories/netgear-wnr2000.txt"
},
{
"trust": 2.4,
"url": "http://kb.netgear.com/000036549/insecure-remote-access-and-command-execution-security-vulnerability"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/95867"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2016/dec/72"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/41719/"
},
{
"trust": 1.2,
"url": "https://www.exploit-db.com/exploits/40949/"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2016-10174"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10174"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-10174"
},
{
"trust": 0.3,
"url": "http://www.netgear.com"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2017/jan/88"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/exploit/linux/http/netgear_wnr2000_rce"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-01201"
},
{
"db": "VULHUB",
"id": "VHN-88924"
},
{
"db": "VULMON",
"id": "CVE-2016-10174"
},
{
"db": "BID",
"id": "95867"
},
{
"db": "CNNVD",
"id": "CNNVD-201702-105"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
},
{
"db": "NVD",
"id": "CVE-2016-10174"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-01201",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-88924",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2016-10174",
"ident": null
},
{
"db": "BID",
"id": "95867",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201702-105",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-007707",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-10174",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-02-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01201",
"ident": null
},
{
"date": "2017-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-88924",
"ident": null
},
{
"date": "2017-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-10174",
"ident": null
},
{
"date": "2017-01-30T00:00:00",
"db": "BID",
"id": "95867",
"ident": null
},
{
"date": "2017-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-105",
"ident": null
},
{
"date": "2017-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007707",
"ident": null
},
{
"date": "2017-01-30T04:59:00.157000",
"db": "NVD",
"id": "CVE-2016-10174",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-02-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-01201",
"ident": null
},
{
"date": "2017-09-03T00:00:00",
"db": "VULHUB",
"id": "VHN-88924",
"ident": null
},
{
"date": "2017-09-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-10174",
"ident": null
},
{
"date": "2017-02-02T01:03:00",
"db": "BID",
"id": "95867",
"ident": null
},
{
"date": "2017-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201702-105",
"ident": null
},
{
"date": "2017-03-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-007707",
"ident": null
},
{
"date": "2025-10-22T00:15:48.580000",
"db": "NVD",
"id": "CVE-2016-10174",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-105"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "NETGEAR WNR2000v5 Router buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-007707"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201702-105"
}
],
"trust": 0.6
}
}
VAR-201505-0408
Vulnerability from variot - Updated: 2025-04-13 23:29Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. KCodes NetUSB The kernel driver contains a buffer overflow vulnerability. KCodes NetUSB Is Linux Connected to base embedded devices (home router products, etc.) USB Share devices on the network "USB over IP" To realize the function, Linux Kernel module. Buffer overflow (CWE-120) - CVE-2015-3036 http://cwe.mitre.org/data/definitions/120.html The client NetUSB The data to send when connecting to the server NetUSB A buffer overflow can occur because the kernel driver does not validate properly. For more information SEC Consult Please check the advisory for. SEC Consult Vulnerability Lab Security Advisory < 20150519-0 > https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt In addition, National Vulnerability Database (NVD) Then CWE-119 It is published as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer ( Buffer error ) http://cwe.mitre.org/data/definitions/119.htmlAn attacker on the local network caused a buffer overflow, resulting in a denial of service operation (DoS) An attacker may be able to attack or execute arbitrary code. Depending on the default settings of the device, a remote attack may be possible. KCodes NetUSB is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. SEC Consult Vulnerability Lab Security Advisory < 20150519-0 > ======================================================================= title: Kernel Stack Buffer Overflow product: KCodes NetUSB vulnerable version: see Vulnerable / tested versions fixed version: see Solution CVE number: CVE-2015-3036, VU#177092 impact: Critical homepage: http://www.kcodes.com/ found: 2015-02-23 by: Stefan Viehböck (Office Vienna) SEC Consult Vulnerability Lab
An integrated part of SEC Consult
Berlin - Frankfurt/Main - Montreal - Singapore
Vienna (HQ) - Vilnius - Zurich
https://www.sec-consult.com
=======================================================================
Vendor description:
"The world's premier technology provider of mobile printing, audio and video communication, file sharing, and USB applications for iPhones, iPads, smart phones and tablets (Android and Windows), MacBooks, and Ultrabooks."
Source: http://www.kcodes.com/
Vulnerability overview/description:
NetUSB suffers from a remotely exploitable kernel stack buffer overflow. Because of insufficient input validation, an overly long computer name can be used to overflow the "computer name" kernel stack buffer. This results in memory corruption which can be turned into arbitrary remote code execution.
Furthermore, a more detailed summary of this advisory has been published at our blog: http://blog.sec-consult.com
Proof of concept:
Below is an excerpt from the vulnerable run_init_sbus() function (pseudo code):
int computername_len; char computername_buf[64]; // connection initiation, handshake len = ks_recv(sock, &computername_len, 4, 0); // ... len = ks_recv(sock, computername_buf, computername_len, 0); // boom!
A proof of concept "netusb_bof.py" has been developed which exploits the vulnerability. The PoC DoS exploit will not be published as many vendors did not patch the vulnerability yet.
Example use that results in denial-of-service (kernel memory corruption that results in a device reboot): ./netusb_bof.py 192.168.1.1 20005 500
Vulnerable / tested versions:
The vulnerability has been verified to exist in most recent firmware versions of the following devives:
TP-Link TL-WDR4300 V1 TP-Link WR1043ND v2 NETGEAR WNDR4500
Furthermore we've identified NetUSB in the most recent firmware version of the following products (list is not necessarily complete!): D-Link DIR-615 C NETGEAR AC1450 NETGEAR CENTRIA (WNDR4700/4720) NETGEAR D6100 NETGEAR D6200 NETGEAR D6300 NETGEAR D6400 NETGEAR DC112A NETGEAR DC112A (Zain) NETGEAR DGND4000 NETGEAR EX6200 NETGEAR EX7000 NETGEAR JNR3000 NETGEAR JNR3210 NETGEAR JR6150 NETGEAR LG6100D NETGEAR PR2000 NETGEAR R6050 NETGEAR R6100 NETGEAR R6200 NETGEAR R6200v2 NETGEAR R6220 NETGEAR R6250 NETGEAR R6300v1 NETGEAR R6300v2 NETGEAR R6700 NETGEAR R7000 NETGEAR R7500 NETGEAR R7900 NETGEAR R8000 NETGEAR WN3500RP NETGEAR WNDR3700v5 NETGEAR WNDR4300 NETGEAR WNDR4300v2 NETGEAR WNDR4500 NETGEAR WNDR4500v2 NETGEAR WNDR4500v3 NETGEAR XAU2511 NETGEAR XAUB2511 TP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer C20 V1.0 (Not affected) TP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25) TP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22) TP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30) TP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30) TP-LINK Archer C7 V2.0 (Fix already released) TP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30) TP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31) TP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer VR200v V1.0 (Fix already released) TP-LINK TD-VG3511 V1.0 (End-Of-Life) TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31) TP-LINK TD-W1042ND V1.0 (End-Of-Life) TP-LINK TD-W1043ND V1.0 (End-Of-Life) TP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30) TP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25) TP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8970 V3.0 (Fix already released) TP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25) TP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W9980 V1.0 (Fix already released) TP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-WDR4900 V1.0 (End-Of-Life) TP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30) TP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR842ND V1.0 (End-Of-Life) TP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31) Trendnet TE100-MFP1 (v1.0R) Trendnet TEW-632BRP (A1.0R) Trendnet TEW-632BRP (A1.1R/A1.2R) Trendnet TEW-632BRP (A1.1R/A1.2R/A1.3R) Trendnet TEW-634GRU (v1.0R) Trendnet TEW-652BRP (V1.0R) Trendnet TEW-673GRU (v1.0R) Trendnet TEW-811DRU (v1.0R) Trendnet TEW-812DRU (v1.0R) Trendnet TEW-812DRU (v2.xR) Trendnet TEW-813DRU (v1.0R) Trendnet TEW-818DRU (v1.0R) Trendnet TEW-823DRU (v1.0R) Trendnet TEW-MFP1 (v1.0R) Zyxel NBG-419N v2 Zyxel NBG4615 v2 Zyxel NBG5615 Zyxel NBG5715
Based on information embedded in KCodes drivers we believe the following vendors are affected: Allnet Ambir Technology AMIT Asante Atlantis Corega Digitus D-Link EDIMAX Encore Electronics Engenius Etop Hardlink Hawking IOGEAR LevelOne Longshine NETGEAR PCI PROLiNK Sitecom Taifa TP-LINK TRENDnet Western Digital ZyXEL
Vendor contact timeline:
2015-02-28: Contacting vendor through support@kcodes.com 2015-03-04: No response, contacting various KCodes addresses found on the web. 2015-03-05: Vendor responds, requests more information. 2015-03-05: Providing advisory and proof of concept exploit. 2015-03-16: No response, requesting status update. 2015-03-16: Vendor responds, asks about fix verification(?) 2015-03-16: Requesting clarification about fixing status and information about next steps. Proposing conference call dates. 2015-03-19: No response, informing that notification of CERT/CC and selected vendors will start shortly. Requesting clarification about fixing status and information about next steps again. 2015-03-19: Vendor responds, confirms conference call date (2015-03-25). No further information provided. 2015-03-19: Providing advisory and proof of concept exploit to TP-LINK and NETGEAR. 2015-03-25: Vendor cancels conference call on short notice (sudden week-long business trip). 2015-03-26: Asking for support of CERT/CC regarding vendor coordination. 2015-03 - 2015-05: Coordination between CERT & vendors, NETGEAR and TP-LINK 2015-05-13: Notifying German CERT-Bund and Austrian CERT.at 2015-05-19: Coordinated release of security advisory
Solution:
TP-LINK has started releasing fixed firmware. The status of affected products can be found in the affected product list above.
For additional information also see CERT/CC vulnerability notice: http://www.kb.cert.org/vuls/id/177092
Workaround:
Sometimes NetUSB can be disabled via the web interface, but at least on NETGEAR devices this does not mitigate the vulnerability. NETGEAR told us, that there is no workaround available, the TCP port can't be firewalled nor is there a way to disable the service on their devices. It ensures the continued knowledge gain of SEC Consult in the field of network and application security to stay ahead of the attacker. The SEC Consult Vulnerability Lab supports high-quality penetration testing and the evaluation of new offensive and defensive technologies for our customers. Hence our customers obtain the most current information about vulnerabilities and valid recommendation about the risk profile of new technologies.
Interested to work with the experts of SEC Consult?
Send us your application https://www.sec-consult.com/en/Career.htm
Interested in improving your cyber security with the experts of SEC Consult?
Contact our local offices https://www.sec-consult.com/en/About/Contact.htm
Mail: research at sec-consult dot com Web: https://www.sec-consult.com Blog: http://blog.sec-consult.com Twitter: https://twitter.com/sec_consult
EOF Stefan Viehböck / @2015
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "netusb",
"scope": "eq",
"trust": 1.6,
"vendor": "kcodes",
"version": null
},
{
"_id": null,
"model": "tew-632brp",
"scope": null,
"trust": 1.2,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "kcodes",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"_id": null,
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"_id": null,
"model": "tew-812dru",
"scope": null,
"trust": 0.6,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "nbg5715",
"scope": "eq",
"trust": 0.3,
"vendor": "zyxel",
"version": "0"
},
{
"_id": null,
"model": "nbg5615",
"scope": "eq",
"trust": 0.3,
"vendor": "zyxel",
"version": "0"
},
{
"_id": null,
"model": "nbg4615",
"scope": "eq",
"trust": 0.3,
"vendor": "zyxel",
"version": "v2"
},
{
"_id": null,
"model": "nbg-419n",
"scope": "eq",
"trust": 0.3,
"vendor": "zyxel",
"version": "v20"
},
{
"_id": null,
"model": "tew-mfp1",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "tew-823dru",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "tew-818dru",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "tew-813dru",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "tew-811dru",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "tew-673gru",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "tew-652brp",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "tew-634gru",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "te100-mfp1",
"scope": null,
"trust": 0.3,
"vendor": "trendnet",
"version": null
},
{
"_id": null,
"model": "tx-vg1530",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "tl-wr842nd",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "2.0"
},
{
"_id": null,
"model": "tl-wr842nd",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "tl-wr4300",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "tl-wr3600",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "tl-wr3500",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "tl-wr1045nd",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "2.0"
},
{
"_id": null,
"model": "tl-wr1043nd",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.0"
},
{
"_id": null,
"model": "tl-wr1043nd",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "2.0"
},
{
"_id": null,
"model": "td-wdr4900",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-w9980b",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-w9980",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-w8980b",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-w8980",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.0"
},
{
"_id": null,
"model": "td-w8970b",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-w8970",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.0"
},
{
"_id": null,
"model": "td-w8970",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-w8968",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.0"
},
{
"_id": null,
"model": "td-w8968",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "2.0"
},
{
"_id": null,
"model": "td-w8968",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-w1043nd",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-w1042nd",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-vg3631",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "td-vg3511",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer vr200v",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer d9",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer d7b",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer d7",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer d5",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer d2",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer c7",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer c5",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "2.0"
},
{
"_id": null,
"model": "archer c20i",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "archer c2",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "1.0"
},
{
"_id": null,
"model": "xaub2511",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "xau2511",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wndr4500v3",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wndr4500v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wndr4500",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wndr4300v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wndr4300",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wndr3700v5",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wn3500rp",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r8000",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7900",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7500",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7000",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6700",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6300v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6300v1",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6250",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6220",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6200v2",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6200",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6100",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6050",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "pr2000",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "lg6100d",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "jr6150",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "jnr3000",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "ex7000",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "ex6200",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "dgnd4000",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "dc112a",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "d6400",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "d6300",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "d6200",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "d6100",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "centria wndr4720",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "centria wndr4700",
"scope": null,
"trust": 0.3,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "ac1450",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "netusb",
"scope": "eq",
"trust": 0.3,
"vendor": "kcodes",
"version": "0"
},
{
"_id": null,
"model": "dir-685",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.00"
},
{
"_id": null,
"model": "dir-615",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "3.13"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#177092"
},
{
"db": "BID",
"id": "74724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002741"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-429"
},
{
"db": "NVD",
"id": "CVE-2015-3036"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002741"
}
]
},
"credits": {
"_id": null,
"data": "Stefan Viehb\u00f6ck from SEC Consult Vulnerability Lab",
"sources": [
{
"db": "BID",
"id": "74724"
}
],
"trust": 0.3
},
"cve": "CVE-2015-3036",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-3036",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 5.7,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 3.7,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 5.5,
"id": "CVE-2015-3036",
"impactScore": 6.9,
"integrityImpact": "NONE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "WORKAROUND",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-3036",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-3036",
"trust": 0.8,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-3036",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201505-429",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2015-3036",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#177092"
},
{
"db": "VULMON",
"id": "CVE-2015-3036"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002741"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-429"
},
{
"db": "NVD",
"id": "CVE-2015-3036"
}
]
},
"description": {
"_id": null,
"data": "Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. KCodes NetUSB The kernel driver contains a buffer overflow vulnerability. KCodes NetUSB Is Linux Connected to base embedded devices (home router products, etc.) USB Share devices on the network \"USB over IP\" To realize the function, Linux Kernel module. Buffer overflow (CWE-120) - CVE-2015-3036 http://cwe.mitre.org/data/definitions/120.html The client NetUSB The data to send when connecting to the server NetUSB A buffer overflow can occur because the kernel driver does not validate properly. For more information SEC Consult Please check the advisory for. SEC Consult Vulnerability Lab Security Advisory \u003c 20150519-0 \u003e https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt In addition, National Vulnerability Database (NVD) Then CWE-119 It is published as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer ( Buffer error ) http://cwe.mitre.org/data/definitions/119.htmlAn attacker on the local network caused a buffer overflow, resulting in a denial of service operation (DoS) An attacker may be able to attack or execute arbitrary code. Depending on the default settings of the device, a remote attack may be possible. KCodes NetUSB is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. SEC Consult Vulnerability Lab Security Advisory \u003c 20150519-0 \u003e\n=======================================================================\n title: Kernel Stack Buffer Overflow\n product: KCodes NetUSB\n vulnerable version: see Vulnerable / tested versions\n fixed version: see Solution\n CVE number: CVE-2015-3036, VU#177092\n impact: Critical\n homepage: http://www.kcodes.com/\n found: 2015-02-23\n by: Stefan Viehb\u00f6ck (Office Vienna)\n SEC Consult Vulnerability Lab\n\n An integrated part of SEC Consult\n Berlin - Frankfurt/Main - Montreal - Singapore\n Vienna (HQ) - Vilnius - Zurich\n\n https://www.sec-consult.com\n\n=======================================================================\n\nVendor description:\n-------------------\n\"The world\u0027s premier technology provider of mobile printing, audio and\nvideo communication, file sharing, and USB applications for iPhones,\niPads, smart phones and tablets (Android and Windows), MacBooks, and\nUltrabooks.\"\n\nSource: http://www.kcodes.com/\n\n\nVulnerability overview/description:\n-----------------------------------\nNetUSB suffers from a remotely exploitable kernel stack buffer overflow. \nBecause of insufficient input validation, an overly long computer name can be\nused to overflow the \"computer name\" kernel stack buffer. This results in\nmemory corruption which can be turned into arbitrary remote code execution. \n\nFurthermore, a more detailed summary of this advisory has been published at our\nblog: http://blog.sec-consult.com\n\n\nProof of concept:\n-----------------\nBelow is an excerpt from the vulnerable run_init_sbus() function (pseudo code):\n\nint computername_len;\nchar computername_buf[64];\n// connection initiation, handshake\nlen = ks_recv(sock, \u0026computername_len, 4, 0);\n// ... \nlen = ks_recv(sock, computername_buf, computername_len, 0); // boom!\n\nA proof of concept \"netusb_bof.py\" has been developed which exploits the\nvulnerability. The PoC DoS exploit will not be published as many vendors\ndid not patch the vulnerability yet. \n\nExample use that results in denial-of-service (kernel memory corruption that\nresults in a device reboot):\n./netusb_bof.py 192.168.1.1 20005 500\n\n\nVulnerable / tested versions:\n-----------------------------\nThe vulnerability has been verified to exist in most recent firmware versions\nof the following devives:\n\nTP-Link TL-WDR4300 V1\nTP-Link WR1043ND v2\nNETGEAR WNDR4500\n\nFurthermore we\u0027ve identified NetUSB in the most recent firmware version of the\nfollowing products (list is not necessarily complete!):\nD-Link DIR-615 C\nNETGEAR AC1450\nNETGEAR CENTRIA (WNDR4700/4720)\nNETGEAR D6100\nNETGEAR D6200\nNETGEAR D6300\nNETGEAR D6400\nNETGEAR DC112A\nNETGEAR DC112A (Zain)\nNETGEAR DGND4000\nNETGEAR EX6200\nNETGEAR EX7000\nNETGEAR JNR3000\nNETGEAR JNR3210\nNETGEAR JR6150\nNETGEAR LG6100D\nNETGEAR PR2000\nNETGEAR R6050\nNETGEAR R6100\nNETGEAR R6200\nNETGEAR R6200v2\nNETGEAR R6220\nNETGEAR R6250\nNETGEAR R6300v1\nNETGEAR R6300v2\nNETGEAR R6700\nNETGEAR R7000\nNETGEAR R7500\nNETGEAR R7900\nNETGEAR R8000\nNETGEAR WN3500RP\nNETGEAR WNDR3700v5\nNETGEAR WNDR4300\nNETGEAR WNDR4300v2\nNETGEAR WNDR4500\nNETGEAR WNDR4500v2\nNETGEAR WNDR4500v3\nNETGEAR XAU2511\nNETGEAR XAUB2511\nTP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer C20 V1.0 (Not affected)\nTP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22)\nTP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C7 V2.0 (Fix already released)\nTP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31)\nTP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer VR200v V1.0 (Fix already released)\nTP-LINK TD-VG3511 V1.0 (End-Of-Life)\nTP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31)\nTP-LINK TD-W1042ND V1.0 (End-Of-Life)\nTP-LINK TD-W1043ND V1.0 (End-Of-Life)\nTP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25)\nTP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8970 V3.0 (Fix already released)\nTP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25)\nTP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W9980 V1.0 (Fix already released)\nTP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-WDR4900 V1.0 (End-Of-Life)\nTP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR842ND V1.0 (End-Of-Life)\nTP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31)\nTrendnet TE100-MFP1 (v1.0R)\nTrendnet TEW-632BRP (A1.0R)\nTrendnet TEW-632BRP (A1.1R/A1.2R)\nTrendnet TEW-632BRP (A1.1R/A1.2R/A1.3R)\nTrendnet TEW-634GRU (v1.0R)\nTrendnet TEW-652BRP (V1.0R)\nTrendnet TEW-673GRU (v1.0R)\nTrendnet TEW-811DRU (v1.0R)\nTrendnet TEW-812DRU (v1.0R)\nTrendnet TEW-812DRU (v2.xR)\nTrendnet TEW-813DRU (v1.0R)\nTrendnet TEW-818DRU (v1.0R)\nTrendnet TEW-823DRU (v1.0R)\nTrendnet TEW-MFP1 (v1.0R)\nZyxel NBG-419N v2\nZyxel NBG4615 v2\nZyxel NBG5615\nZyxel NBG5715\n\nBased on information embedded in KCodes drivers we believe the following\nvendors are affected:\nAllnet\nAmbir Technology\nAMIT\nAsante\nAtlantis\nCorega\nDigitus\nD-Link\nEDIMAX\nEncore Electronics\nEngenius\nEtop\nHardlink\nHawking\nIOGEAR\nLevelOne\nLongshine\nNETGEAR\nPCI\nPROLiNK\nSitecom\nTaifa\nTP-LINK\nTRENDnet\nWestern Digital\nZyXEL\n\n\nVendor contact timeline:\n------------------------\n2015-02-28: Contacting vendor through support@kcodes.com\n2015-03-04: No response, contacting various KCodes addresses found on the web. \n2015-03-05: Vendor responds, requests more information. \n2015-03-05: Providing advisory and proof of concept exploit. \n2015-03-16: No response, requesting status update. \n2015-03-16: Vendor responds, asks about fix verification(?)\n2015-03-16: Requesting clarification about fixing status and information about\n next steps. Proposing conference call dates. \n2015-03-19: No response, informing that notification of CERT/CC and selected\n vendors will start shortly. Requesting clarification about fixing\n status and information about next steps again. \n2015-03-19: Vendor responds, confirms conference call date (2015-03-25). No\n further information provided. \n2015-03-19: Providing advisory and proof of concept exploit to TP-LINK and\n NETGEAR. \n2015-03-25: Vendor cancels conference call on short notice (sudden week-long\n business trip). \n2015-03-26: Asking for support of CERT/CC regarding vendor coordination. \n2015-03 - 2015-05: Coordination between CERT \u0026 vendors, NETGEAR and TP-LINK\n2015-05-13: Notifying German CERT-Bund and Austrian CERT.at\n2015-05-19: Coordinated release of security advisory\n\n\nSolution:\n---------\nTP-LINK has started releasing fixed firmware. The status of affected products\ncan be found in the affected product list above. \n\nFor additional information also see CERT/CC vulnerability notice:\nhttp://www.kb.cert.org/vuls/id/177092\n\n\nWorkaround:\n-----------\nSometimes NetUSB can be disabled via the web interface, but at least on NETGEAR\ndevices this does not mitigate the vulnerability. NETGEAR told us, that there is\nno workaround available, the TCP port can\u0027t be firewalled nor is there a way to\ndisable the service on their devices. It\nensures the continued knowledge gain of SEC Consult in the field of network\nand application security to stay ahead of the attacker. The SEC Consult\nVulnerability Lab supports high-quality penetration testing and the evaluation\nof new offensive and defensive technologies for our customers. Hence our\ncustomers obtain the most current information about vulnerabilities and valid\nrecommendation about the risk profile of new technologies. \n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nInterested to work with the experts of SEC Consult?\nSend us your application https://www.sec-consult.com/en/Career.htm\n\nInterested in improving your cyber security with the experts of SEC Consult?\nContact our local offices https://www.sec-consult.com/en/About/Contact.htm\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMail: research at sec-consult dot com\nWeb: https://www.sec-consult.com\nBlog: http://blog.sec-consult.com\nTwitter: https://twitter.com/sec_consult\n\nEOF Stefan Viehb\u00f6ck / @2015\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-3036"
},
{
"db": "CERT/CC",
"id": "VU#177092"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002741"
},
{
"db": "BID",
"id": "74724"
},
{
"db": "VULMON",
"id": "CVE-2015-3036"
},
{
"db": "PACKETSTORM",
"id": "131987"
}
],
"trust": 2.79
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/177092",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38566",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#177092"
},
{
"db": "VULMON",
"id": "CVE-2015-3036"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#177092",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2015-3036",
"trust": 2.9
},
{
"db": "BID",
"id": "74724",
"trust": 1.4
},
{
"db": "PACKETSTORM",
"id": "131987",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1032377",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "133919",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "38566",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "38454",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU90185396",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002741",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201505-429",
"trust": 0.6
},
{
"db": "DLINK",
"id": "SAP10057",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2015-3036",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#177092"
},
{
"db": "VULMON",
"id": "CVE-2015-3036"
},
{
"db": "BID",
"id": "74724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002741"
},
{
"db": "PACKETSTORM",
"id": "131987"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-429"
},
{
"db": "NVD",
"id": "CVE-2015-3036"
}
]
},
"id": "VAR-201505-0408",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5346243894594594
},
"last_update_date": "2025-04-13T23:29:37.607000Z",
"patch": {
"_id": null,
"data": [
{
"title": "USB Over IP (NetUSB)",
"trust": 0.8,
"url": "http://www.kcodes.com/product/usb_01.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2015/05/20/netusb_router_fail/"
},
{
"title": "TD-W8970-NetUSB-Fix-v1-",
"trust": 0.1,
"url": "https://github.com/Leproide/TD-W8970-NetUSB-Fix-v1- "
},
{
"title": "NetUSB-exploit",
"trust": 0.1,
"url": "https://github.com/funsecurity/NetUSB-exploit "
},
{
"title": "MiraiSecurity",
"trust": 0.1,
"url": "https://github.com/pandazheng/MiraiSecurity "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/details-surface-on-unpatched-kcodes-netusb-bug/112910/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-3036"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002741"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002741"
},
{
"db": "NVD",
"id": "CVE-2015-3036"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.6,
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_kcodes_netusb_kernel_stack_buffer_overflow_v10.txt"
},
{
"trust": 3.3,
"url": "http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html"
},
{
"trust": 2.9,
"url": "http://www.kb.cert.org/vuls/id/177092"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/74724"
},
{
"trust": 1.2,
"url": "https://www.exploit-db.com/exploits/38566/"
},
{
"trust": 1.1,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10057"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/131987/kcodes-netusb-buffer-overflow.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2015/may/74"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032377"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/133919/netusb-stack-buffer-overflow.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2015/oct/50"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/38454/"
},
{
"trust": 0.8,
"url": "http://kb.netgear.com/app/answers/detail/a_id/28393/"
},
{
"trust": 0.8,
"url": "http://www.trendnet.com/support/view.asp?cat=4\u0026id=58"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3036"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90185396/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3036"
},
{
"trust": 0.3,
"url": "http://www.kcodes.com/product/usb_01.html"
},
{
"trust": 0.3,
"url": "https://github.com/funsecurity/netusb-exploit"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/leproide/td-w8970-netusb-fix-v1-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com/en/career.htm"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3036"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com/en/about/contact.htm"
},
{
"trust": 0.1,
"url": "https://twitter.com/sec_consult"
},
{
"trust": 0.1,
"url": "http://blog.sec-consult.com"
},
{
"trust": 0.1,
"url": "http://www.kcodes.com/"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com/en/vulnerability-lab/advisories.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#177092"
},
{
"db": "VULMON",
"id": "CVE-2015-3036"
},
{
"db": "BID",
"id": "74724"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002741"
},
{
"db": "PACKETSTORM",
"id": "131987"
},
{
"db": "CNNVD",
"id": "CNNVD-201505-429"
},
{
"db": "NVD",
"id": "CVE-2015-3036"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#177092",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2015-3036",
"ident": null
},
{
"db": "BID",
"id": "74724",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002741",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "131987",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201505-429",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-3036",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-05-19T00:00:00",
"db": "CERT/CC",
"id": "VU#177092",
"ident": null
},
{
"date": "2015-05-21T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3036",
"ident": null
},
{
"date": "2015-05-19T00:00:00",
"db": "BID",
"id": "74724",
"ident": null
},
{
"date": "2015-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002741",
"ident": null
},
{
"date": "2015-05-21T14:44:44",
"db": "PACKETSTORM",
"id": "131987",
"ident": null
},
{
"date": "2015-05-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-429",
"ident": null
},
{
"date": "2015-05-21T01:59:27.087000",
"db": "NVD",
"id": "CVE-2015-3036",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-06-05T00:00:00",
"db": "CERT/CC",
"id": "VU#177092",
"ident": null
},
{
"date": "2016-12-08T00:00:00",
"db": "VULMON",
"id": "CVE-2015-3036",
"ident": null
},
{
"date": "2015-12-08T22:03:00",
"db": "BID",
"id": "74724",
"ident": null
},
{
"date": "2015-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002741",
"ident": null
},
{
"date": "2015-05-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201505-429",
"ident": null
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-3036",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-429"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "KCodes NetUSB kernel driver is vulnerable to buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#177092"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201505-429"
}
],
"trust": 0.6
}
}
VAR-202302-0136
Vulnerability from variot - Updated: 2025-03-28 02:54An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification. This affects WNR612v2 Wireless Routers 1.0.0.3 and earlier, DGN1000v3 Modem Router 1.0.0.22 and earlier, D6100 WiFi DSL Modem Routers 1.0.0.63 and earlier, WNR1000v2 Wireless Routers 1.1.2.60 and earlier, XAVN2001v2 Wireless-N Extenders 0.4.0.7 and earlier, WNR2200 Wireless Routers 1.0.1.102 and earlier, WNR2500 Wireless Routers 1.0.0.34 and earlier, R8900 Smart WiFi Routers 1.0.3.6 and earlier, and R9000 Smart WiFi Routers 1.0.3.6 and earlier. plural Netgear The product contains a flaw in the integrity verification of downloaded code.Information is tampered with and service operation is interrupted (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202302-0136",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wnr612v2",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.3"
},
{
"model": "dgn1000v3",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "wnr1000v2",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.2.60"
},
{
"model": "wnr2200",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.102"
},
{
"model": "xavn2001v2",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "0.4.0.7"
},
{
"model": "d6100",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "r8900",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "wnr2500",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "r9000",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "wnr2200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "wnr2500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "wnr612v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dgn1000v3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6100",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "wnr1000v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "xavn2001v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8900",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r9000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"db": "NVD",
"id": "CVE-2023-23110"
}
]
},
"cve": "CVE-2023-23110",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2023-23110",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-23110",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-23110",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2023-23110",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2023-23110",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202302-162",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-162"
},
{
"db": "NVD",
"id": "CVE-2023-23110"
},
{
"db": "NVD",
"id": "CVE-2023-23110"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification. This affects WNR612v2 Wireless Routers 1.0.0.3 and earlier, DGN1000v3 Modem Router 1.0.0.22 and earlier, D6100 WiFi DSL Modem Routers 1.0.0.63 and earlier, WNR1000v2 Wireless Routers 1.1.2.60 and earlier, XAVN2001v2 Wireless-N Extenders 0.4.0.7 and earlier, WNR2200 Wireless Routers 1.0.1.102 and earlier, WNR2500 Wireless Routers 1.0.0.34 and earlier, R8900 Smart WiFi Routers 1.0.3.6 and earlier, and R9000 Smart WiFi Routers 1.0.3.6 and earlier. plural Netgear The product contains a flaw in the integrity verification of downloaded code.Information is tampered with and service operation is interrupted (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-23110"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"db": "VULMON",
"id": "CVE-2023-23110"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-23110",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003483",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202302-162",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-23110",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-23110"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-162"
},
{
"db": "NVD",
"id": "CVE-2023-23110"
}
]
},
"id": "VAR-202302-0136",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42982739714285717
},
"last_update_date": "2025-03-28T02:54:55.760000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR\u00a0Product\u00a0Security",
"trust": 0.8,
"url": "https://www.netgear.com/about/security/"
},
{
"title": "NETGEAR D6100 Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=224796"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2023-23110 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-23110"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-162"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-494",
"trust": 1.0
},
{
"problemtype": "Incomplete integrity verification of downloaded code (CWE-494) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"db": "NVD",
"id": "CVE-2023-23110"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.netgear.com/about/security/"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/sjcgkb-9o"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/s1bnhbwqi"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/hyzrxmb9s"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/r1z4bx-5i"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/ryjvzz-5s"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/s1t47ebqj"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/bkbpiegco"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/s1qwglm5o"
},
{
"trust": 1.7,
"url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/h1licxbco"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-23110"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/bkbpiegco"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/h1licxbco"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/hyzrxmb9s"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/s1bnhbwqi"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/s1qwglm5o"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/s1t47ebqj"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/sjcgkb-9o"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/r1z4bx-5i"
},
{
"trust": 0.8,
"url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/ryjvzz-5s"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-23110/"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2023-23110"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-23110"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-162"
},
{
"db": "NVD",
"id": "CVE-2023-23110"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-23110"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"db": "CNNVD",
"id": "CNNVD-202302-162"
},
{
"db": "NVD",
"id": "CVE-2023-23110"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-02T00:00:00",
"db": "VULMON",
"id": "CVE-2023-23110"
},
{
"date": "2023-09-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"date": "2023-02-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202302-162"
},
{
"date": "2023-02-02T15:17:43.473000",
"db": "NVD",
"id": "CVE-2023-23110"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-03T00:00:00",
"db": "VULMON",
"id": "CVE-2023-23110"
},
{
"date": "2023-09-11T01:21:00",
"db": "JVNDB",
"id": "JVNDB-2023-003483"
},
{
"date": "2023-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202302-162"
},
{
"date": "2025-03-26T21:15:18.670000",
"db": "NVD",
"id": "CVE-2023-23110"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202302-162"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Netgear\u00a0 Vulnerability related to insufficient integrity verification of downloaded code in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-003483"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202302-162"
}
],
"trust": 0.6
}
}
VAR-202004-1636
Vulnerability from variot - Updated: 2024-11-23 23:11plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1636",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.34"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "d500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "d1500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.82_1.1.117"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34_1.0.70"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d1500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
}
]
},
"cve": "CVE-2018-21231",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21231",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016407",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21231",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.1,
"id": "CVE-2018-21231",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2018-016407",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21231",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21231",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016407",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2129",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21231",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "VULMON",
"id": "CVE-2018-21231"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21231",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21231",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"id": "VAR-202004-1636",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4058950425581395
},
"last_update_date": "2024-11-23T23:11:26.757000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Routers, Gateways, and Extenders, PSV-2016-0102",
"trust": 0.8,
"url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117052"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055103/security-advisory-for-security-misconfiguration-on-some-routers-gateways-and-extenders-psv-2016-0102"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21231"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21231"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"date": "2020-04-24T15:15:13.003000",
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"date": "2024-11-21T04:03:14.407000",
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
}
],
"trust": 0.6
}
}
VAR-202004-1657
Vulnerability from variot - Updated: 2024-11-23 23:11Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1657",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.2,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"db": "VULMON",
"id": "CVE-2018-21211"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"db": "NVD",
"id": "CVE-2018-21211"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
}
]
},
"cve": "CVE-2018-21211",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21211",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016359",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-46563",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21211",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21211",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016359",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21211",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21211",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016359",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-46563",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2284",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21211",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"db": "VULMON",
"id": "CVE-2018-21211"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2284"
},
{
"db": "NVD",
"id": "CVE-2018-21211"
},
{
"db": "NVD",
"id": "CVE-2018-21211"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21211"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"db": "VULMON",
"id": "CVE-2018-21211"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21211",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016359",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-46563",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2284",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21211",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"db": "VULMON",
"id": "CVE-2018-21211"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2284"
},
{
"db": "NVD",
"id": "CVE-2018-21211"
}
]
},
"id": "VAR-202004-1657",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46563"
}
],
"trust": 1.2545377938461537
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46563"
}
]
},
"last_update_date": "2024-11-23T23:11:26.727000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2491",
"trust": 0.8,
"url": "https://kb.netgear.com/000055138/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2491"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46563)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/276321"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117376"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2284"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"db": "NVD",
"id": "CVE-2018-21211"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21211"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055138/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2017-2491"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21211"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"db": "VULMON",
"id": "CVE-2018-21211"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2284"
},
{
"db": "NVD",
"id": "CVE-2018-21211"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"db": "VULMON",
"id": "CVE-2018-21211"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2284"
},
{
"db": "NVD",
"id": "CVE-2018-21211"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21211"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2284"
},
{
"date": "2020-04-28T16:15:13.950000",
"db": "NVD",
"id": "CVE-2018-21211"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46563"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21211"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016359"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2284"
},
{
"date": "2024-11-21T04:03:11.257000",
"db": "NVD",
"id": "CVE-2018-21211"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2284"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016359"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2284"
}
],
"trust": 0.6
}
}
VAR-202004-1678
Vulnerability from variot - Updated: 2024-11-23 23:11Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1678",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"db": "VULMON",
"id": "CVE-2018-21176"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"db": "NVD",
"id": "CVE-2018-21176"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
}
]
},
"cve": "CVE-2018-21176",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-21176",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016385",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2020-28115",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-21176",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21176",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016385",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21176",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21176",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016385",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-28115",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2219",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21176",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"db": "VULMON",
"id": "CVE-2018-21176"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2219"
},
{
"db": "NVD",
"id": "CVE-2018-21176"
},
{
"db": "NVD",
"id": "CVE-2018-21176"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21176"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"db": "VULMON",
"id": "CVE-2018-21176"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21176",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016385",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28115",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2219",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21176",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"db": "VULMON",
"id": "CVE-2018-21176"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2219"
},
{
"db": "NVD",
"id": "CVE-2018-21176"
}
]
},
"id": "VAR-202004-1678",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28115"
}
],
"trust": 1.2739518849999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28115"
}
]
},
"last_update_date": "2024-11-23T23:11:26.693000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2623",
"trust": 0.8,
"url": "https://kb.netgear.com/000055182/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2623"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28115)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217411"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117724"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2219"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"db": "NVD",
"id": "CVE-2018-21176"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21176"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055182/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2623"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21176"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"db": "VULMON",
"id": "CVE-2018-21176"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2219"
},
{
"db": "NVD",
"id": "CVE-2018-21176"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"db": "VULMON",
"id": "CVE-2018-21176"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2219"
},
{
"db": "NVD",
"id": "CVE-2018-21176"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21176"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"date": "2020-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2219"
},
{
"date": "2020-04-27T20:15:11.897000",
"db": "NVD",
"id": "CVE-2018-21176"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28115"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21176"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016385"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2219"
},
{
"date": "2024-11-21T04:03:05.770000",
"db": "NVD",
"id": "CVE-2018-21176"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2219"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016385"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2219"
}
],
"trust": 0.6
}
}
VAR-202004-0756
Vulnerability from variot - Updated: 2024-11-23 23:08Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6000 before 1.0.0.72, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0756",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.3.2.32"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r8900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "wndr4300v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.104"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-66984"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"db": "NVD",
"id": "CVE-2019-20736"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
}
]
},
"cve": "CVE-2019-20736",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-20736",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015453",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2021-66984",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20736",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20736",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015453",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20736",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20736",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015453",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-66984",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1347",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-66984"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1347"
},
{
"db": "NVD",
"id": "CVE-2019-20736"
},
{
"db": "NVD",
"id": "CVE-2019-20736"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6000 before 1.0.0.72, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20736"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"db": "CNVD",
"id": "CNVD-2021-66984"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20736",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015453",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-66984",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1347",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-66984"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1347"
},
{
"db": "NVD",
"id": "CVE-2019-20736"
}
]
},
"id": "VAR-202004-0756",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-66984"
}
],
"trust": 1.2411164908333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-66984"
}
]
},
"last_update_date": "2024-11-23T23:08:03.187000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2018-0133",
"trust": 0.8,
"url": "https://kb.netgear.com/000061190/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0133"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-66984)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/288736"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114906"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-66984"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1347"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"db": "NVD",
"id": "CVE-2019-20736"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20736"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061190/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2018-0133"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20736"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-66984"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1347"
},
{
"db": "NVD",
"id": "CVE-2019-20736"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-66984"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1347"
},
{
"db": "NVD",
"id": "CVE-2019-20736"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-66984"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1347"
},
{
"date": "2020-04-16T20:15:13.680000",
"db": "NVD",
"id": "CVE-2019-20736"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-66984"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015453"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1347"
},
{
"date": "2024-11-21T04:39:13.527000",
"db": "NVD",
"id": "CVE-2019-20736"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015453"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1347"
}
],
"trust": 0.6
}
}
VAR-202004-0777
Vulnerability from variot - Updated: 2024-11-23 23:08Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR R7500 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0777",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.47"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "dm200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.40"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "dm200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.40"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.47"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "rbk50",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "rbr50",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "rbs50",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.40"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30686"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"db": "NVD",
"id": "CVE-2019-20715"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dm200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs50_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wayne Low of Fortinets FortiGuard Labs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1299"
}
],
"trust": 0.6
},
"cve": "CVE-2019-20715",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2019-20715",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015317",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CNVD-2020-30686",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2019-20715",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2019-20715",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2019-015317",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20715",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20715",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015317",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-30686",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1299",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30686"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1299"
},
{
"db": "NVD",
"id": "CVE-2019-20715"
},
{
"db": "NVD",
"id": "CVE-2019-20715"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR R7500 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20715"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"db": "CNVD",
"id": "CNVD-2020-30686"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20715",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015317",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-30686",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1299",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30686"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1299"
},
{
"db": "NVD",
"id": "CVE-2019-20715"
}
]
},
"id": "VAR-202004-0777",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30686"
}
],
"trust": 1.0532386472727273
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30686"
}
]
},
"last_update_date": "2024-11-23T23:08:03.159000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Stored Cross Site Scripting on Some Routers, Gateways, and WiFi Systems, PSV-2018-0248",
"trust": 0.8,
"url": "https://kb.netgear.com/000061213/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0248"
},
{
"title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-30686)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/219485"
},
{
"title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116568"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30686"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1299"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"db": "NVD",
"id": "CVE-2019-20715"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20715"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061213/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-systems-psv-2018-0248"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20715"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30686"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1299"
},
{
"db": "NVD",
"id": "CVE-2019-20715"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-30686"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1299"
},
{
"db": "NVD",
"id": "CVE-2019-20715"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30686"
},
{
"date": "2020-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1299"
},
{
"date": "2020-04-16T19:15:24.823000",
"db": "NVD",
"id": "CVE-2019-20715"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30686"
},
{
"date": "2020-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015317"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1299"
},
{
"date": "2024-11-21T04:39:10.023000",
"db": "NVD",
"id": "CVE-2019-20715"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1299"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015317"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1299"
}
],
"trust": 0.6
}
}
VAR-202004-1308
Vulnerability from variot - Updated: 2024-11-23 23:07Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.28 and D6100 before 1.0.0.50_0.0.50. NETGEAR D6220 and D6100 A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1308",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50_0.0.50"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50_0.0.50"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.28"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"db": "NVD",
"id": "CVE-2017-18795"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
}
]
},
"cve": "CVE-2017-18795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18795",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014898",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2017-18795",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2017-18795",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014898",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18795",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18795",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014898",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"db": "NVD",
"id": "CVE-2017-18795"
},
{
"db": "NVD",
"id": "CVE-2017-18795"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.28 and D6100 before 1.0.0.50_0.0.50. NETGEAR D6220 and D6100 A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18795"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18795",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014898",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1823",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1823"
},
{
"db": "NVD",
"id": "CVE-2017-18795"
}
]
},
"id": "VAR-202004-1308",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.438521955
},
"last_update_date": "2024-11-23T23:07:58.793000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Command Injection Vulnerability on D6220 and D6100, PSV-2016-0133",
"trust": 0.8,
"url": "https://kb.netgear.com/000049367/Security-Advisory-for-Command-Injection-Vulnerability-on-D6220-and-D6100-PSV-2016-0133"
},
{
"title": "NETGEAR D6220 and D6100 Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116300"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1823"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-74",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"db": "NVD",
"id": "CVE-2017-18795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049367/security-advisory-for-command-injection-vulnerability-on-d6220-and-d6100-psv-2016-0133"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18795"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18795"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1823"
},
{
"db": "NVD",
"id": "CVE-2017-18795"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1823"
},
{
"db": "NVD",
"id": "CVE-2017-18795"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"date": "2020-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1823"
},
{
"date": "2020-04-21T19:15:12.177000",
"db": "NVD",
"id": "CVE-2017-18795"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014898"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1823"
},
{
"date": "2024-11-21T03:20:56.593000",
"db": "NVD",
"id": "CVE-2017-18795"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR D6220 and D6100 Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014898"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1823"
}
],
"trust": 0.6
}
}
VAR-202004-1665
Vulnerability from variot - Updated: 2024-11-23 23:07Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1665",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.2,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"db": "VULMON",
"id": "CVE-2018-21219"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"db": "NVD",
"id": "CVE-2018-21219"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
}
]
},
"cve": "CVE-2018-21219",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21219",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016344",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-48925",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21219",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21219",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016344",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21219",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21219",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016344",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-48925",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2296",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21219",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"db": "VULMON",
"id": "CVE-2018-21219"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2296"
},
{
"db": "NVD",
"id": "CVE-2018-21219"
},
{
"db": "NVD",
"id": "CVE-2018-21219"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21219"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"db": "VULMON",
"id": "CVE-2018-21219"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21219",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016344",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-48925",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2296",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21219",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"db": "VULMON",
"id": "CVE-2018-21219"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2296"
},
{
"db": "NVD",
"id": "CVE-2018-21219"
}
]
},
"id": "VAR-202004-1665",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48925"
}
],
"trust": 1.2675980592307692
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48925"
}
]
},
"last_update_date": "2024-11-23T23:07:58.372000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2482",
"trust": 0.8,
"url": "https://kb.netgear.com/000055118/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2482"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-48925)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/276746"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117388"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2296"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"db": "NVD",
"id": "CVE-2018-21219"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21219"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055118/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2017-2482"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21219"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"db": "VULMON",
"id": "CVE-2018-21219"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2296"
},
{
"db": "NVD",
"id": "CVE-2018-21219"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"db": "VULMON",
"id": "CVE-2018-21219"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2296"
},
{
"db": "NVD",
"id": "CVE-2018-21219"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21219"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2296"
},
{
"date": "2020-04-28T16:15:14.373000",
"db": "NVD",
"id": "CVE-2018-21219"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-48925"
},
{
"date": "2020-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21219"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016344"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2296"
},
{
"date": "2024-11-21T04:03:12.487000",
"db": "NVD",
"id": "CVE-2018-21219"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2296"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016344"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2296"
}
],
"trust": 0.6
}
}
VAR-202004-1707
Vulnerability from variot - Updated: 2024-11-23 23:07Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1707",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"db": "VULMON",
"id": "CVE-2018-21196"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"db": "NVD",
"id": "CVE-2018-21196"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
}
]
},
"cve": "CVE-2018-21196",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2018-21196",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016364",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-28272",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21196",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21196",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016364",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21196",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21196",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016364",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-28272",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2264",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21196",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"db": "VULMON",
"id": "CVE-2018-21196"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2264"
},
{
"db": "NVD",
"id": "CVE-2018-21196"
},
{
"db": "NVD",
"id": "CVE-2018-21196"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21196"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"db": "VULMON",
"id": "CVE-2018-21196"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21196",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016364",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28272",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2264",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21196",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"db": "VULMON",
"id": "CVE-2018-21196"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2264"
},
{
"db": "NVD",
"id": "CVE-2018-21196"
}
]
},
"id": "VAR-202004-1707",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28272"
}
],
"trust": 1.2116965357142857
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28272"
}
]
},
"last_update_date": "2024-11-23T23:07:58.308000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2599",
"trust": 0.8,
"url": "https://kb.netgear.com/000055153/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2599"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28272)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217551"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"db": "NVD",
"id": "CVE-2018-21196"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21196"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055153/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2599"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21196"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"db": "VULMON",
"id": "CVE-2018-21196"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2264"
},
{
"db": "NVD",
"id": "CVE-2018-21196"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"db": "VULMON",
"id": "CVE-2018-21196"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2264"
},
{
"db": "NVD",
"id": "CVE-2018-21196"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21196"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2264"
},
{
"date": "2020-04-28T16:15:12.967000",
"db": "NVD",
"id": "CVE-2018-21196"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28272"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21196"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016364"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2264"
},
{
"date": "2024-11-21T04:03:08.933000",
"db": "NVD",
"id": "CVE-2018-21196"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2264"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016364"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2264"
}
],
"trust": 0.6
}
}
VAR-202004-1428
Vulnerability from variot - Updated: 2024-11-23 23:04plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1428",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.18"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.26"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.4"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.26"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.24"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.00.24"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.35"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
}
]
},
"cve": "CVE-2017-18785",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2017-18785",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014878",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2017-18785",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.1,
"id": "CVE-2017-18785",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2017-014878",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18785",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18785",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014878",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1888",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with.",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
}
],
"trust": 0.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18785",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014878",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"id": "VAR-202004-1428",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4028575456097561
},
"last_update_date": "2024-11-23T23:04:25.068000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Cross-Site Scripting on Some Routers, Gateways, and Extenders, PSV-2017-2950",
"trust": 0.8,
"url": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950"
},
{
"title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116664"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049534/security-advisory-for-cross-site-scripting-on-some-routers-gateways-and-extenders-psv-2017-2950"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18785"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18785"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"date": "2020-04-22T15:15:12.957000",
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"date": "2024-11-21T03:20:54.943000",
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
}
],
"trust": 0.6
}
}
VAR-202004-1575
Vulnerability from variot - Updated: 2024-11-23 23:04plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1575",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d1500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.30"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.24"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.24"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.30"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.38"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.24"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.34"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.24"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.24"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.68"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.00.30"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v2 1.0.0.51"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d1500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
}
]
},
"cve": "CVE-2018-21139",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-21139",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016413",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-21139",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21139",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016413",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21139",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21139",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016413",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2031",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained.",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
}
],
"trust": 0.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21139",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016413",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"id": "VAR-202004-1575",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.40138965763157897
},
"last_update_date": "2024-11-23T23:04:24.898000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Sensitive Information Disclosure on Some Routers, Wireless Extenders and Smart Cradles, PSV-2017-2198",
"trust": 0.8,
"url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116786"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000060220/security-advisory-for-sensitive-information-disclosure-on-some-routers-and-smart-cradles-psv-2017-2198"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21139"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21139"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"date": "2020-04-23T21:15:11.690000",
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"date": "2024-11-21T04:02:59.713000",
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
}
],
"trust": 0.6
}
}
VAR-202004-1701
Vulnerability from variot - Updated: 2024-11-23 23:04Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router.
There are buffer error vulnerabilities in many NETGEAR products. The vulnerability stems from the fact that when a network system or product performs an operation on memory, the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1701",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.31"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"db": "VULMON",
"id": "CVE-2018-21190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"db": "NVD",
"id": "CVE-2018-21190"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
}
]
},
"cve": "CVE-2018-21190",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2018-21190",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016371",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.1,
"id": "CNVD-2020-28235",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21190",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21190",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016371",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21190",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21190",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016371",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-28235",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2253",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21190",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"db": "VULMON",
"id": "CVE-2018-21190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2253"
},
{
"db": "NVD",
"id": "CVE-2018-21190"
},
{
"db": "NVD",
"id": "CVE-2018-21190"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. \n\r\n\r\nThere are buffer error vulnerabilities in many NETGEAR products. The vulnerability stems from the fact that when a network system or product performs an operation on memory, the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"db": "VULMON",
"id": "CVE-2018-21190"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21190",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016371",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28235",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2253",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21190",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"db": "VULMON",
"id": "CVE-2018-21190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2253"
},
{
"db": "NVD",
"id": "CVE-2018-21190"
}
]
},
"id": "VAR-202004-1701",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28235"
}
],
"trust": 1.244637929090909
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28235"
}
]
},
"last_update_date": "2024-11-23T23:04:24.738000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2605",
"trust": 0.8,
"url": "https://kb.netgear.com/000055167/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2605"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28235)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217479"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"db": "NVD",
"id": "CVE-2018-21190"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21190"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055167/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2605"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21190"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"db": "VULMON",
"id": "CVE-2018-21190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2253"
},
{
"db": "NVD",
"id": "CVE-2018-21190"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"db": "VULMON",
"id": "CVE-2018-21190"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2253"
},
{
"db": "NVD",
"id": "CVE-2018-21190"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21190"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2253"
},
{
"date": "2020-04-28T15:15:12.597000",
"db": "NVD",
"id": "CVE-2018-21190"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28235"
},
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21190"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016371"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2253"
},
{
"date": "2024-11-21T04:03:07.983000",
"db": "NVD",
"id": "CVE-2018-21190"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2253"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016371"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2253"
}
],
"trust": 0.6
}
}
VAR-202004-1677
Vulnerability from variot - Updated: 2024-11-23 23:01Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000, etc. are all products of NETGEAR. NETGEAR R9000 is a wireless router. NETGEAR R7800 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1677",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"db": "VULMON",
"id": "CVE-2018-21175"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"db": "NVD",
"id": "CVE-2018-21175"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
}
]
},
"cve": "CVE-2018-21175",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-21175",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016384",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2020-28114",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-21175",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21175",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016384",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21175",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21175",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016384",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-28114",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2218",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21175",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"db": "VULMON",
"id": "CVE-2018-21175"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2218"
},
{
"db": "NVD",
"id": "CVE-2018-21175"
},
{
"db": "NVD",
"id": "CVE-2018-21175"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000, etc. are all products of NETGEAR. NETGEAR R9000 is a wireless router. NETGEAR R7800 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21175"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"db": "VULMON",
"id": "CVE-2018-21175"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21175",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016384",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28114",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2218",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21175",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"db": "VULMON",
"id": "CVE-2018-21175"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2218"
},
{
"db": "NVD",
"id": "CVE-2018-21175"
}
]
},
"id": "VAR-202004-1677",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28114"
}
],
"trust": 1.2939943166666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28114"
}
]
},
"last_update_date": "2024-11-23T23:01:24.106000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2624",
"trust": 0.8,
"url": "https://kb.netgear.com/000055183/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2624"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28114)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217413"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117723"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2218"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"db": "NVD",
"id": "CVE-2018-21175"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21175"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055183/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2624"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21175"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"db": "VULMON",
"id": "CVE-2018-21175"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2218"
},
{
"db": "NVD",
"id": "CVE-2018-21175"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"db": "VULMON",
"id": "CVE-2018-21175"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2218"
},
{
"db": "NVD",
"id": "CVE-2018-21175"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21175"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"date": "2020-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2218"
},
{
"date": "2020-04-27T20:15:11.837000",
"db": "NVD",
"id": "CVE-2018-21175"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28114"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21175"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016384"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2218"
},
{
"date": "2024-11-21T04:03:05.620000",
"db": "NVD",
"id": "CVE-2018-21175"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2218"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016384"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2218"
}
],
"trust": 0.6
}
}
VAR-202004-1666
Vulnerability from variot - Updated: 2024-11-23 22:58Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR WNDR3700 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1666",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.2,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"db": "VULMON",
"id": "CVE-2018-21220"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"db": "NVD",
"id": "CVE-2018-21220"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
}
]
},
"cve": "CVE-2018-21220",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21220",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016345",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-46571",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21220",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21220",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016345",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21220",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21220",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016345",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-46571",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2299",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21220",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"db": "VULMON",
"id": "CVE-2018-21220"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2299"
},
{
"db": "NVD",
"id": "CVE-2018-21220"
},
{
"db": "NVD",
"id": "CVE-2018-21220"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR WNDR3700 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21220"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"db": "VULMON",
"id": "CVE-2018-21220"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21220",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016345",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-46571",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2299",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21220",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"db": "VULMON",
"id": "CVE-2018-21220"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2299"
},
{
"db": "NVD",
"id": "CVE-2018-21220"
}
]
},
"id": "VAR-202004-1666",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46571"
}
],
"trust": 1.2675980592307692
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46571"
}
]
},
"last_update_date": "2024-11-23T22:58:17.941000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2481",
"trust": 0.8,
"url": "https://kb.netgear.com/000055117/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2481"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46571)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/276576"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117391"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2299"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"db": "NVD",
"id": "CVE-2018-21220"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21220"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055117/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2017-2481"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21220"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"db": "VULMON",
"id": "CVE-2018-21220"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2299"
},
{
"db": "NVD",
"id": "CVE-2018-21220"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"db": "VULMON",
"id": "CVE-2018-21220"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2299"
},
{
"db": "NVD",
"id": "CVE-2018-21220"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21220"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2299"
},
{
"date": "2020-04-28T16:15:14.403000",
"db": "NVD",
"id": "CVE-2018-21220"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46571"
},
{
"date": "2020-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21220"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016345"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2299"
},
{
"date": "2024-11-21T04:03:12.643000",
"db": "NVD",
"id": "CVE-2018-21220"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2299"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016345"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2299"
}
],
"trust": 0.6
}
}
VAR-202005-0733
Vulnerability from variot - Updated: 2024-11-23 22:58Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48. plural NETGEAR The device contains an input verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR WNDR4300 is a wireless router. No detailed vulnerability details are currently provided. This affects D6100 prior to 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 prior to 1.0.2.90, and WNDR4500v3 prior to 1.0.0.48
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0733",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"db": "VULMON",
"id": "CVE-2017-18867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"db": "NVD",
"id": "CVE-2017-18867"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
}
]
},
"cve": "CVE-2017-18867",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18867",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-015008",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-46351",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-18867",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-18867",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-015008",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18867",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18867",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-015008",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-46351",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-117",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-18867",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"db": "VULMON",
"id": "CVE-2017-18867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-117"
},
{
"db": "NVD",
"id": "CVE-2017-18867"
},
{
"db": "NVD",
"id": "CVE-2017-18867"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48. plural NETGEAR The device contains an input verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR WNDR4300 is a wireless router. No detailed vulnerability details are currently provided. This affects D6100 prior to 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 prior to 1.0.2.90, and WNDR4500v3 prior to 1.0.0.48",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"db": "VULMON",
"id": "CVE-2017-18867"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18867",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-015008",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-46351",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202005-117",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-18867",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"db": "VULMON",
"id": "CVE-2017-18867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-117"
},
{
"db": "NVD",
"id": "CVE-2017-18867"
}
]
},
"id": "VAR-202005-0733",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46351"
}
],
"trust": 1.2358953
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46351"
}
]
},
"last_update_date": "2024-11-23T22:58:17.023000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Routers and Gateways, PSV-2017-2198",
"trust": 0.8,
"url": "https://kb.netgear.com/000049554/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2017-2198"
},
{
"title": "Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-46351)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/275811"
},
{
"title": "Multiple NETGEAR Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118009"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-117"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"db": "NVD",
"id": "CVE-2017-18867"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18867"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000049554/security-advisory-for-security-misconfiguration-on-some-routers-and-gateways-psv-2017-2198"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18867"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"db": "VULMON",
"id": "CVE-2017-18867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-117"
},
{
"db": "NVD",
"id": "CVE-2017-18867"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"db": "VULMON",
"id": "CVE-2017-18867"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-117"
},
{
"db": "NVD",
"id": "CVE-2017-18867"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18867"
},
{
"date": "2020-06-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"date": "2020-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-117"
},
{
"date": "2020-05-05T14:15:12.390000",
"db": "NVD",
"id": "CVE-2017-18867"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46351"
},
{
"date": "2020-05-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18867"
},
{
"date": "2020-06-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-015008"
},
{
"date": "2020-05-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-117"
},
{
"date": "2024-11-21T03:21:08",
"db": "NVD",
"id": "CVE-2017-18867"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Input verification vulnerabilities on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-015008"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-117"
}
],
"trust": 0.6
}
}
VAR-202010-0579
Vulnerability from variot - Updated: 2024-11-23 22:58Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-0579",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "srs60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.2.2.20"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "srk60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.2.2.20"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.40"
},
{
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.0.28"
},
{
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.0.28"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "wn3000rpv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.0.28"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.0.28"
},
{
"model": "srr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.2.2.20"
},
{
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.40"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.0.32"
},
{
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.0.28"
},
{
"model": "d6100",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r8900",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r9000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbk20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbk50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbr20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbr50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbs20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "rbs50",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"db": "NVD",
"id": "CVE-2020-26913"
}
]
},
"cve": "CVE-2020-26913",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2020-26913",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2020-26913",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-012214",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-26913",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-26913",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2020-26913",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202010-344",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-344"
},
{
"db": "NVD",
"id": "CVE-2020-26913"
},
{
"db": "NVD",
"id": "CVE-2020-26913"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-26913"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-26913",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-012214",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202010-344",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-344"
},
{
"db": "NVD",
"id": "CVE-2020-26913"
}
]
},
"id": "VAR-202010-0579",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.436391673
},
"last_update_date": "2024-11-23T22:58:08.273000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Stack\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0140",
"trust": 0.8,
"url": "https://kb.netgear.com/000062340/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2018-0140"
},
{
"title": "Multiple NETGEAR Fix for device buffer error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131131"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-344"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"db": "NVD",
"id": "CVE-2020-26913"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000062340/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-wifi-systems-psv-2018-0140"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26913"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-344"
},
{
"db": "NVD",
"id": "CVE-2020-26913"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-344"
},
{
"db": "NVD",
"id": "CVE-2020-26913"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-344"
},
{
"date": "2020-10-09T07:15:17.043000",
"db": "NVD",
"id": "CVE-2020-26913"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-27T05:42:00",
"db": "JVNDB",
"id": "JVNDB-2020-012214"
},
{
"date": "2020-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-344"
},
{
"date": "2024-11-21T05:20:28.870000",
"db": "NVD",
"id": "CVE-2020-26913"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-344"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Out-of-bounds write vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-012214"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-344"
}
],
"trust": 0.6
}
}
VAR-202004-0758
Vulnerability from variot - Updated: 2024-11-23 22:51Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.34, JNR1010v2 before 1.1.0.50, JWNR2010v5 before 1.1.0.50, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6100 before 1.0.1.16, R6120 before 1.0.0.40, R6700v2 before 1.2.0.14, R6800 before 1.2.0.14, R6900v2 before 1.2.0.14, R7500v2 before 1.0.3.26, R7800 before 1.0.2.46, R9000 before 1.0.4.2, WN3000RPv2 before 1.0.0.52, WN3000RPv3 before 1.0.2.78, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.50, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.50, and WNR2050 before 1.1.0.50. NOTE: this may be a result of an incomplete fix for CVE-2017-18866. plural NETGEAR A cross-site scripting vulnerability exists in the device. This vulnerability is CVE-2017-18866 This is a vulnerability caused by an incomplete fix for.Information may be obtained and tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0758",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.78"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.14"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.14"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.14"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "r6020",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "r6080",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "rbk50",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "rbr50",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "rbs50",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.3.5.30"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"db": "NVD",
"id": "CVE-2019-20738"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6020_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6080_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbs50_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
}
]
},
"cve": "CVE-2019-20738",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2019-20738",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015455",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2019-20738",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.1,
"id": "CVE-2019-20738",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2019-015455",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20738",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20738",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015455",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1349",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1349"
},
{
"db": "NVD",
"id": "CVE-2019-20738"
},
{
"db": "NVD",
"id": "CVE-2019-20738"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.34, JNR1010v2 before 1.1.0.50, JWNR2010v5 before 1.1.0.50, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6100 before 1.0.1.16, R6120 before 1.0.0.40, R6700v2 before 1.2.0.14, R6800 before 1.2.0.14, R6900v2 before 1.2.0.14, R7500v2 before 1.0.3.26, R7800 before 1.0.2.46, R9000 before 1.0.4.2, WN3000RPv2 before 1.0.0.52, WN3000RPv3 before 1.0.2.78, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.50, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.50, and WNR2050 before 1.1.0.50. NOTE: this may be a result of an incomplete fix for CVE-2017-18866. plural NETGEAR A cross-site scripting vulnerability exists in the device. This vulnerability is CVE-2017-18866 This is a vulnerability caused by an incomplete fix for.Information may be obtained and tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20738"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20738",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015455",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1349",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1349"
},
{
"db": "NVD",
"id": "CVE-2019-20738"
}
]
},
"id": "VAR-202004-0758",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4014819361111111
},
"last_update_date": "2024-11-23T22:51:27.268000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Stored Cross Site Scripting on Some Routers, Gateways, and WiFi System, PSV-2016-0100",
"trust": 0.8,
"url": "https://kb.netgear.com/000061187/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-System-PSV-2016-0100"
},
{
"title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114908"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1349"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"db": "NVD",
"id": "CVE-2019-20738"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061187/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-system-psv-2016-0100"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20738"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20738"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1349"
},
{
"db": "NVD",
"id": "CVE-2019-20738"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1349"
},
{
"db": "NVD",
"id": "CVE-2019-20738"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1349"
},
{
"date": "2020-04-16T20:15:13.820000",
"db": "NVD",
"id": "CVE-2019-20738"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015455"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1349"
},
{
"date": "2024-11-21T04:39:13.863000",
"db": "NVD",
"id": "CVE-2019-20738"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1349"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015455"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1349"
}
],
"trust": 0.6
}
}
VAR-202004-1663
Vulnerability from variot - Updated: 2024-11-23 22:51Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, and R6100 before 1.0.1.20. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, and R6100 prior to 1.0.1.20
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1663",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"db": "NVD",
"id": "CVE-2018-21217"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
}
]
},
"cve": "CVE-2018-21217",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21217",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016342",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-46569",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21217",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21217",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016342",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21217",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21217",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016342",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-46569",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2297",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21217",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"db": "VULMON",
"id": "CVE-2018-21217"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2297"
},
{
"db": "NVD",
"id": "CVE-2018-21217"
},
{
"db": "NVD",
"id": "CVE-2018-21217"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, and R6100 before 1.0.1.20. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, and R6100 prior to 1.0.1.20",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21217"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"db": "VULMON",
"id": "CVE-2018-21217"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21217",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016342",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-46569",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2297",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21217",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"db": "VULMON",
"id": "CVE-2018-21217"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2297"
},
{
"db": "NVD",
"id": "CVE-2018-21217"
}
]
},
"id": "VAR-202004-1663",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46569"
}
],
"trust": 1.12735637
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46569"
}
]
},
"last_update_date": "2024-11-23T22:51:26.036000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2484",
"trust": 0.8,
"url": "https://kb.netgear.com/000055120/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2484"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46569)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/276406"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117389"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2297"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"db": "NVD",
"id": "CVE-2018-21217"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21217"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055120/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2017-2484"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21217"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"db": "VULMON",
"id": "CVE-2018-21217"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2297"
},
{
"db": "NVD",
"id": "CVE-2018-21217"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"db": "VULMON",
"id": "CVE-2018-21217"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2297"
},
{
"db": "NVD",
"id": "CVE-2018-21217"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21217"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2297"
},
{
"date": "2020-04-28T16:15:14.263000",
"db": "NVD",
"id": "CVE-2018-21217"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46569"
},
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21217"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016342"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2297"
},
{
"date": "2024-11-21T04:03:12.180000",
"db": "NVD",
"id": "CVE-2018-21217"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2297"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016342"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2297"
}
],
"trust": 0.6
}
}
VAR-202004-1262
Vulnerability from variot - Updated: 2024-11-23 22:48Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. This affects AC1450 prior to 2017-01-06, C6300 prior to 2017-01-06, D500 prior to 2017-01-06, D1500 prior to 2017-01-06, D3600 prior to 2017-01-06, D6000 prior to 2017-01-06, D6100 prior to 2017-01-06, D6200 prior to 2017-01-06, D6200B prior to 2017-01-06, D6300B prior to 2017-01-06, D6300 prior to 2017-01-06, DGN1000v3 prior to 2017-01-06, DGN2200v1 prior to 2017-01-06, DGN2200v3 prior to 2017-01-06, DGN2200V4 prior to 2017-01-06, DGN2200Bv3 prior to 2017-01-06, DGN2200Bv4 prior to 2017-01-06, DGND3700v1 prior to 2017-01-06, DGND3700v2 prior to 2017-01-06, DGND3700Bv2 prior to 2017-01-06, JNR1010v1 prior to 2017-01-06, JNR1010v2 prior to 2017-01-06, JNR3300 prior to 2017-01-06, JR6100 prior to 2017-01-06, JR6150 prior to 2017-01-06, JWNR2000v5 prior to 2017-01-06, R2000 prior to 2017-01-06, R6050 prior to 2017-01-06, R6100 prior to 2017-01-06, R6200 prior to 2017-01-06, R6200v2 prior to 2017-01-06, R6220 prior to 2017-01-06, R6250 prior to 2017-01-06, R6300 prior to 2017-01-06, R6300v2 prior to 2017-01-06, R6700 prior to 2017-01-06, R7000 prior to 2017-01-06, R7900 prior to 2017-01-06, R7500 prior to 2017-01-06, R8000 prior to 2017-01-06, WGR614v10 prior to 2017-01-06, WNR1000v2 prior to 2017-01-06, WNR1000v3 prior to 2017-01-06, WNR1000v4 prior to 2017-01-06, WNR2000v3 prior to 2017-01-06, WNR2000v4 prior to 2017-01-06, WNR2000v5 prior to 2017-01-06, WNR2200 prior to 2017-01-06, WNR2500 prior to 2017-01-06, WNR3500Lv2 prior to 2017-01-06, WNDR3400v2 prior to 2017-01-06, WNDR3400v3 prior to 2017-01-06, WNDR3700v3 prior to 2017-01-06, WNDR3700v4 prior to 2017-01-06, WNDR3700v5 prior to 2017-01-06, WNDR4300 prior to 2017-01-06, WNDR4300v2 prior to 2017-01-06, WNDR4500v1 prior to 2017-01-06, WNDR4500v2 prior to 2017-01-06, and WNDR4500v3 prior to 2017-01-06
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgnd3700b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "ac1450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr2500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jr6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jwnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgnd3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wgr614",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jnr3300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6300b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d1500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "c6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "ac1450",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "c6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.2,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "ac1450",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ac1450",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.25"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.25"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.24"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.28"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.30"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.32"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.34"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.36"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.106"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgnd3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.17"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.7"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.7"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.10j"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.1"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.14"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.60"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.64"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.66"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.68"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.80"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.86"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6 10.1.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.20"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.30"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.06"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8 10.0.77"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.24"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.8"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.38"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.2"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.14"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.16"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.24"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.62"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.2 1.1.93"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.4"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.12"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.14"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.18"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.26"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.32"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.34"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.42"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.60"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.34"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.38"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.40"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.32"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.54"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.4"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.4 1.1.42"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.46"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.8"
},
{
"model": "wnr2500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr2500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.40"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.44"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.50"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.56"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.2.44 35.0.53na"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:ac1450_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:c6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d1500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
}
]
},
"cve": "CVE-2016-11059",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-11059",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014989",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-11059",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014989",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-11059",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014989",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2304",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-11059",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. This affects AC1450 prior to 2017-01-06, C6300 prior to 2017-01-06, D500 prior to 2017-01-06, D1500 prior to 2017-01-06, D3600 prior to 2017-01-06, D6000 prior to 2017-01-06, D6100 prior to 2017-01-06, D6200 prior to 2017-01-06, D6200B prior to 2017-01-06, D6300B prior to 2017-01-06, D6300 prior to 2017-01-06, DGN1000v3 prior to 2017-01-06, DGN2200v1 prior to 2017-01-06, DGN2200v3 prior to 2017-01-06, DGN2200V4 prior to 2017-01-06, DGN2200Bv3 prior to 2017-01-06, DGN2200Bv4 prior to 2017-01-06, DGND3700v1 prior to 2017-01-06, DGND3700v2 prior to 2017-01-06, DGND3700Bv2 prior to 2017-01-06, JNR1010v1 prior to 2017-01-06, JNR1010v2 prior to 2017-01-06, JNR3300 prior to 2017-01-06, JR6100 prior to 2017-01-06, JR6150 prior to 2017-01-06, JWNR2000v5 prior to 2017-01-06, R2000 prior to 2017-01-06, R6050 prior to 2017-01-06, R6100 prior to 2017-01-06, R6200 prior to 2017-01-06, R6200v2 prior to 2017-01-06, R6220 prior to 2017-01-06, R6250 prior to 2017-01-06, R6300 prior to 2017-01-06, R6300v2 prior to 2017-01-06, R6700 prior to 2017-01-06, R7000 prior to 2017-01-06, R7900 prior to 2017-01-06, R7500 prior to 2017-01-06, R8000 prior to 2017-01-06, WGR614v10 prior to 2017-01-06, WNR1000v2 prior to 2017-01-06, WNR1000v3 prior to 2017-01-06, WNR1000v4 prior to 2017-01-06, WNR2000v3 prior to 2017-01-06, WNR2000v4 prior to 2017-01-06, WNR2000v5 prior to 2017-01-06, WNR2200 prior to 2017-01-06, WNR2500 prior to 2017-01-06, WNR3500Lv2 prior to 2017-01-06, WNDR3400v2 prior to 2017-01-06, WNDR3400v3 prior to 2017-01-06, WNDR3700v3 prior to 2017-01-06, WNDR3700v4 prior to 2017-01-06, WNDR3700v5 prior to 2017-01-06, WNDR4300 prior to 2017-01-06, WNDR4300v2 prior to 2017-01-06, WNDR4500v1 prior to 2017-01-06, WNDR4500v2 prior to 2017-01-06, and WNDR4500v3 prior to 2017-01-06",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "VULMON",
"id": "CVE-2016-11059"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-11059",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-11059",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"id": "VAR-202004-1262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4569339544444444
},
"last_update_date": "2024-11-23T22:48:01.793000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR Product Vulnerability Advisory: Authentication Bypass and Information Disclosure on Home Routers",
"trust": 0.8,
"url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
},
{
"title": "Multiple NETGEAR Product information disclosure vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117917"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/27253/netgear-product-vulnerability-advisory-authentication-bypass-and-information-disclosure-on-home-routers"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-11059"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-11059"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"date": "2020-04-28T17:15:12.460000",
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"date": "2020-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"date": "2024-11-21T02:45:24.220000",
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
}
],
"trust": 0.6
}
}
VAR-202004-1661
Vulnerability from variot - Updated: 2024-11-23 22:48Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, EX2700 before 1.0.1.28, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, EX2700 prior to 1.0.1.28, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1661",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "ex2700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wn3000rpv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wn2000rptv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn3100rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.2,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"db": "VULMON",
"id": "CVE-2018-21215"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"db": "NVD",
"id": "CVE-2018-21215"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
}
]
},
"cve": "CVE-2018-21215",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21215",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016356",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-46567",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21215",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21215",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016356",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21215",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21215",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016356",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-46567",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2290",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21215",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"db": "VULMON",
"id": "CVE-2018-21215"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2290"
},
{
"db": "NVD",
"id": "CVE-2018-21215"
},
{
"db": "NVD",
"id": "CVE-2018-21215"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, EX2700 before 1.0.1.28, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, EX2700 prior to 1.0.1.28, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21215"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"db": "VULMON",
"id": "CVE-2018-21215"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21215",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016356",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-46567",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2290",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21215",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"db": "VULMON",
"id": "CVE-2018-21215"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2290"
},
{
"db": "NVD",
"id": "CVE-2018-21215"
}
]
},
"id": "VAR-202004-1661",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46567"
}
],
"trust": 1.275971406
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46567"
}
]
},
"last_update_date": "2024-11-23T22:48:01.263000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2486",
"trust": 0.8,
"url": "https://kb.netgear.com/000055122/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2486"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46567)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/276391"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117382"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2290"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"db": "NVD",
"id": "CVE-2018-21215"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21215"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055122/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2486"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21215"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"db": "VULMON",
"id": "CVE-2018-21215"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2290"
},
{
"db": "NVD",
"id": "CVE-2018-21215"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"db": "VULMON",
"id": "CVE-2018-21215"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2290"
},
{
"db": "NVD",
"id": "CVE-2018-21215"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21215"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2290"
},
{
"date": "2020-04-28T16:15:14.153000",
"db": "NVD",
"id": "CVE-2018-21215"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46567"
},
{
"date": "2020-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21215"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016356"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2290"
},
{
"date": "2024-11-21T04:03:11.883000",
"db": "NVD",
"id": "CVE-2018-21215"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2290"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016356"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2290"
}
],
"trust": 0.6
}
}
VAR-202004-1703
Vulnerability from variot - Updated: 2024-11-23 22:48Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1703",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"db": "VULMON",
"id": "CVE-2018-21192"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"db": "NVD",
"id": "CVE-2018-21192"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
}
]
},
"cve": "CVE-2018-21192",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2018-21192",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016369",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-28268",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21192",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21192",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016369",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21192",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21192",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016369",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-28268",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2252",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21192",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"db": "VULMON",
"id": "CVE-2018-21192"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2252"
},
{
"db": "NVD",
"id": "CVE-2018-21192"
},
{
"db": "NVD",
"id": "CVE-2018-21192"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21192"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"db": "VULMON",
"id": "CVE-2018-21192"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21192",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016369",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28268",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2252",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21192",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"db": "VULMON",
"id": "CVE-2018-21192"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2252"
},
{
"db": "NVD",
"id": "CVE-2018-21192"
}
]
},
"id": "VAR-202004-1703",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28268"
}
],
"trust": 1.2939943166666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28268"
}
]
},
"last_update_date": "2024-11-23T22:48:01.203000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2603",
"trust": 0.8,
"url": "https://kb.netgear.com/000055165/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2603"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28268)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217559"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117345"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2252"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"db": "NVD",
"id": "CVE-2018-21192"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21192"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055165/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2603"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21192"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"db": "VULMON",
"id": "CVE-2018-21192"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2252"
},
{
"db": "NVD",
"id": "CVE-2018-21192"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"db": "VULMON",
"id": "CVE-2018-21192"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2252"
},
{
"db": "NVD",
"id": "CVE-2018-21192"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21192"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2252"
},
{
"date": "2020-04-28T15:15:12.723000",
"db": "NVD",
"id": "CVE-2018-21192"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28268"
},
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21192"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016369"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2252"
},
{
"date": "2024-11-21T04:03:08.287000",
"db": "NVD",
"id": "CVE-2018-21192"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016369"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2252"
}
],
"trust": 0.6
}
}
VAR-202004-1705
Vulnerability from variot - Updated: 2024-11-23 22:48Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1705",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"db": "NVD",
"id": "CVE-2018-21194"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
}
]
},
"cve": "CVE-2018-21194",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2018-21194",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016377",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-28270",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21194",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21194",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016377",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21194",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21194",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016377",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-28270",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2256",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21194",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"db": "VULMON",
"id": "CVE-2018-21194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2256"
},
{
"db": "NVD",
"id": "CVE-2018-21194"
},
{
"db": "NVD",
"id": "CVE-2018-21194"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"db": "VULMON",
"id": "CVE-2018-21194"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21194",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016377",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28270",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2256",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21194",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"db": "VULMON",
"id": "CVE-2018-21194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2256"
},
{
"db": "NVD",
"id": "CVE-2018-21194"
}
]
},
"id": "VAR-202004-1705",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28270"
}
],
"trust": 1.274251435
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28270"
}
]
},
"last_update_date": "2024-11-23T22:48:01.174000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2601",
"trust": 0.8,
"url": "https://kb.netgear.com/000055163/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2601"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28270)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217555"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117348"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2256"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"db": "NVD",
"id": "CVE-2018-21194"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21194"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055163/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2601"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21194"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"db": "VULMON",
"id": "CVE-2018-21194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2256"
},
{
"db": "NVD",
"id": "CVE-2018-21194"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"db": "VULMON",
"id": "CVE-2018-21194"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2256"
},
{
"db": "NVD",
"id": "CVE-2018-21194"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21194"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2256"
},
{
"date": "2020-04-28T15:15:12.830000",
"db": "NVD",
"id": "CVE-2018-21194"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28270"
},
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21194"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016377"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2256"
},
{
"date": "2024-11-21T04:03:08.613000",
"db": "NVD",
"id": "CVE-2018-21194"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2256"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016377"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2256"
}
],
"trust": 0.6
}
}
VAR-202004-1366
Vulnerability from variot - Updated: 2024-11-23 22:44Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6100 before 1.0.1.14, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.52, WN3000RPv3 before 1.0.2.50, WNDR3700v4 before 1.0.2.88, WNDR3700v5 before 1.1.0.48, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.58, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1366",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.18"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "pr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.18"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"db": "NVD",
"id": "CVE-2017-18764"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6050_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6120_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
}
]
},
"cve": "CVE-2017-18764",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18764",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014905",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18764",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18764",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014905",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18764",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18764",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014905",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1910",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1910"
},
{
"db": "NVD",
"id": "CVE-2017-18764"
},
{
"db": "NVD",
"id": "CVE-2017-18764"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6100 before 1.0.1.14, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.52, WN3000RPv3 before 1.0.2.50, WNDR3700v4 before 1.0.2.88, WNDR3700v5 before 1.1.0.48, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.58, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18764"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18764",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014905",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1910",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1910"
},
{
"db": "NVD",
"id": "CVE-2017-18764"
}
]
},
"id": "VAR-202004-1366",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4303076327777777
},
"last_update_date": "2024-11-23T22:44:36.363000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Command Injection on Some Routers, Gateways, and Extenders, PSV-2017-2210",
"trust": 0.8,
"url": "https://kb.netgear.com/000051481/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2210"
},
{
"title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117246"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1910"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-74",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"db": "NVD",
"id": "CVE-2017-18764"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051481/security-advisory-for-pre-authentication-command-injection-on-some-routers-gateways-and-extenders-psv-2017-2210"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18764"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18764"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1910"
},
{
"db": "NVD",
"id": "CVE-2017-18764"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1910"
},
{
"db": "NVD",
"id": "CVE-2017-18764"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1910"
},
{
"date": "2020-04-22T16:15:11.497000",
"db": "NVD",
"id": "CVE-2017-18764"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014905"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1910"
},
{
"date": "2024-11-21T03:20:51.747000",
"db": "NVD",
"id": "CVE-2017-18764"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1910"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014905"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1910"
}
],
"trust": 0.6
}
}
VAR-202004-1660
Vulnerability from variot - Updated: 2024-11-23 22:44Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1660",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "ex2700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wn3000rpv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wn2000rptv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn3100rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.2,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"db": "VULMON",
"id": "CVE-2018-21214"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"db": "NVD",
"id": "CVE-2018-21214"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
}
]
},
"cve": "CVE-2018-21214",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21214",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016355",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-46566",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21214",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21214",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016355",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21214",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21214",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016355",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-46566",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2287",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21214",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"db": "VULMON",
"id": "CVE-2018-21214"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2287"
},
{
"db": "NVD",
"id": "CVE-2018-21214"
},
{
"db": "NVD",
"id": "CVE-2018-21214"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21214"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"db": "VULMON",
"id": "CVE-2018-21214"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21214",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016355",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-46566",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2287",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21214",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"db": "VULMON",
"id": "CVE-2018-21214"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2287"
},
{
"db": "NVD",
"id": "CVE-2018-21214"
}
]
},
"id": "VAR-202004-1660",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46566"
}
],
"trust": 1.269161487272727
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46566"
}
]
},
"last_update_date": "2024-11-23T22:44:36.002000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2488",
"trust": 0.8,
"url": "https://kb.netgear.com/000055123/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2488"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46566)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/276376"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117379"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2287"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"db": "NVD",
"id": "CVE-2018-21214"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21214"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055123/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2488"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21214"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"db": "VULMON",
"id": "CVE-2018-21214"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2287"
},
{
"db": "NVD",
"id": "CVE-2018-21214"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"db": "VULMON",
"id": "CVE-2018-21214"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2287"
},
{
"db": "NVD",
"id": "CVE-2018-21214"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21214"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2287"
},
{
"date": "2020-04-28T16:15:14.107000",
"db": "NVD",
"id": "CVE-2018-21214"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46566"
},
{
"date": "2020-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21214"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016355"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2287"
},
{
"date": "2024-11-21T04:03:11.730000",
"db": "NVD",
"id": "CVE-2018-21214"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2287"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016355"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2287"
}
],
"trust": 0.6
}
}
VAR-202004-1702
Vulnerability from variot - Updated: 2024-11-23 22:44Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1702",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"db": "VULMON",
"id": "CVE-2018-21191"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"db": "NVD",
"id": "CVE-2018-21191"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
}
]
},
"cve": "CVE-2018-21191",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2018-21191",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016370",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-28267",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21191",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21191",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016370",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21191",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21191",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016370",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-28267",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2255",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21191",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"db": "VULMON",
"id": "CVE-2018-21191"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2255"
},
{
"db": "NVD",
"id": "CVE-2018-21191"
},
{
"db": "NVD",
"id": "CVE-2018-21191"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21191"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"db": "VULMON",
"id": "CVE-2018-21191"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21191",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016370",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28267",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2255",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21191",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"db": "VULMON",
"id": "CVE-2018-21191"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2255"
},
{
"db": "NVD",
"id": "CVE-2018-21191"
}
]
},
"id": "VAR-202004-1702",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28267"
}
],
"trust": 1.3290474737499998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28267"
}
]
},
"last_update_date": "2024-11-23T22:44:35.942000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2604",
"trust": 0.8,
"url": "https://kb.netgear.com/000055166/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2604"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28267)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217561"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117347"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2255"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"db": "NVD",
"id": "CVE-2018-21191"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21191"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055166/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2604"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21191"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"db": "VULMON",
"id": "CVE-2018-21191"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2255"
},
{
"db": "NVD",
"id": "CVE-2018-21191"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"db": "VULMON",
"id": "CVE-2018-21191"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2255"
},
{
"db": "NVD",
"id": "CVE-2018-21191"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21191"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2255"
},
{
"date": "2020-04-28T15:15:12.660000",
"db": "NVD",
"id": "CVE-2018-21191"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28267"
},
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21191"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016370"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2255"
},
{
"date": "2024-11-21T04:03:08.137000",
"db": "NVD",
"id": "CVE-2018-21191"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2255"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016370"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2255"
}
],
"trust": 0.6
}
}
VAR-202004-0787
Vulnerability from variot - Updated: 2024-11-23 22:41Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D6100 prior to 1.0.0.63, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.2, R9000 prior to 1.0.4.2, WNDR3700v4 prior to 1.0.2.102, WNDR4300v1 prior to 1.0.2.104, WNDR4300v2 prior to 1.0.0.58, WNDR4500v3 prior to 1.0.0.58, WNR2000v5 prior to 1.0.0.68, and XR500 prior to 2.3.2.32
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0787",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.32"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.75"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.75"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.75"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.75"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r8900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"db": "NVD",
"id": "CVE-2019-20725"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "aircut",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1309"
}
],
"trust": 0.6
},
"cve": "CVE-2019-20725",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-20725",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015318",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20725",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20725",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015318",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20725",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20725",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015318",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1309",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-20725",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-20725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1309"
},
{
"db": "NVD",
"id": "CVE-2019-20725"
},
{
"db": "NVD",
"id": "CVE-2019-20725"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D6100 prior to 1.0.0.63, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.2, R9000 prior to 1.0.4.2, WNDR3700v4 prior to 1.0.2.102, WNDR4300v1 prior to 1.0.2.104, WNDR4300v2 prior to 1.0.0.58, WNDR4500v3 prior to 1.0.0.58, WNR2000v5 prior to 1.0.0.68, and XR500 prior to 2.3.2.32",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"db": "VULMON",
"id": "CVE-2019-20725"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20725",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015318",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1309",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-20725",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-20725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1309"
},
{
"db": "NVD",
"id": "CVE-2019-20725"
}
]
},
"id": "VAR-202004-0787",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42989337874999994
},
"last_update_date": "2024-11-23T22:41:07.571000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2018-0143",
"trust": 0.8,
"url": "https://kb.netgear.com/000061203/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0143"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116575"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1309"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"db": "NVD",
"id": "CVE-2019-20725"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000061203/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2018-0143"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20725"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20725"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-20725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1309"
},
{
"db": "NVD",
"id": "CVE-2019-20725"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2019-20725"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1309"
},
{
"db": "NVD",
"id": "CVE-2019-20725"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "VULMON",
"id": "CVE-2019-20725"
},
{
"date": "2020-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1309"
},
{
"date": "2020-04-16T19:15:25.463000",
"db": "NVD",
"id": "CVE-2019-20725"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-20T00:00:00",
"db": "VULMON",
"id": "CVE-2019-20725"
},
{
"date": "2020-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015318"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1309"
},
{
"date": "2024-11-21T04:39:11.597000",
"db": "NVD",
"id": "CVE-2019-20725"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1309"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015318"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1309"
}
],
"trust": 0.6
}
}
VAR-202004-1669
Vulnerability from variot - Updated: 2024-11-23 22:41Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D6100 prior to 1.0.0.57, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.78, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1669",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.114"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "dm200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.42"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "dm200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "ex2700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "ex6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "ex7300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "ex8000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.114"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "ex2700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.34 1.0.70"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.56"
},
{
"model": "ex6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "ex6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "ex7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1"
},
{
"model": "ex7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "ex7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "ex7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "ex8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r8900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21167"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"db": "NVD",
"id": "CVE-2018-21167"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dm200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex8000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
}
]
},
"cve": "CVE-2018-21167",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2018-21167",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2018-016392",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"id": "CVE-2018-21167",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2018-21167",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2018-016392",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21167",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21167",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016392",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2209",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21167",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21167"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2209"
},
{
"db": "NVD",
"id": "CVE-2018-21167"
},
{
"db": "NVD",
"id": "CVE-2018-21167"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D6100 prior to 1.0.0.57, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.78, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21167"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"db": "VULMON",
"id": "CVE-2018-21167"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21167",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016392",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2209",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21167",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21167"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2209"
},
{
"db": "NVD",
"id": "CVE-2018-21167"
}
]
},
"id": "VAR-202004-1669",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3957455253846154
},
"last_update_date": "2024-11-23T22:41:06.396000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Stored Cross-Site Scripting on Routers, Gateways, Extenders, and DSL Modems, PSV-2017-3093",
"trust": 0.8,
"url": "https://kb.netgear.com/000055191/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Routers-Gateways-Extenders-and-DSL-Modems-PSV-2017-3093"
},
{
"title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117304"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2209"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"db": "NVD",
"id": "CVE-2018-21167"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055191/security-advisory-for-stored-cross-site-scripting-on-routers-gateways-extenders-and-dsl-modems-psv-2017-3093"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21167"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21167"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21167"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2209"
},
{
"db": "NVD",
"id": "CVE-2018-21167"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2018-21167"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2209"
},
{
"db": "NVD",
"id": "CVE-2018-21167"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21167"
},
{
"date": "2020-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"date": "2020-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2209"
},
{
"date": "2020-04-27T18:15:12.670000",
"db": "NVD",
"id": "CVE-2018-21167"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21167"
},
{
"date": "2020-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016392"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2209"
},
{
"date": "2024-11-21T04:03:04.040000",
"db": "NVD",
"id": "CVE-2018-21167"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2209"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016392"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2209"
}
],
"trust": 0.6
}
}
VAR-202004-1690
Vulnerability from variot - Updated: 2024-11-23 22:41Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.30, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.30, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1690",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v4 1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v2 1.0.0.50"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v3 1.0.0.50"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v5 1.0.0.62"
},
{
"model": "r7800",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"db": "NVD",
"id": "CVE-2018-21179"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r9000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
}
]
},
"cve": "CVE-2018-21179",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2018-21179",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016388",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-28118",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21179",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21179",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016388",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21179",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21179",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016388",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-28118",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2222",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21179",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"db": "VULMON",
"id": "CVE-2018-21179"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2222"
},
{
"db": "NVD",
"id": "CVE-2018-21179"
},
{
"db": "NVD",
"id": "CVE-2018-21179"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.30, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.30, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21179"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"db": "VULMON",
"id": "CVE-2018-21179"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21179",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016388",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28118",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2222",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21179",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"db": "VULMON",
"id": "CVE-2018-21179"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2222"
},
{
"db": "NVD",
"id": "CVE-2018-21179"
}
]
},
"id": "VAR-202004-1690",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28118"
}
],
"trust": 1.2809049927272729
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28118"
}
]
},
"last_update_date": "2024-11-23T22:41:06.367000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2620",
"trust": 0.8,
"url": "https://kb.netgear.com/000055179/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2620"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28118)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217405"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117314"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2222"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"db": "NVD",
"id": "CVE-2018-21179"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21179"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055179/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2620"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21179"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"db": "VULMON",
"id": "CVE-2018-21179"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2222"
},
{
"db": "NVD",
"id": "CVE-2018-21179"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"db": "VULMON",
"id": "CVE-2018-21179"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2222"
},
{
"db": "NVD",
"id": "CVE-2018-21179"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21179"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"date": "2020-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2222"
},
{
"date": "2020-04-27T21:15:13.203000",
"db": "NVD",
"id": "CVE-2018-21179"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28118"
},
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21179"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016388"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2222"
},
{
"date": "2024-11-21T04:03:06.250000",
"db": "NVD",
"id": "CVE-2018-21179"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2222"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016388"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2222"
}
],
"trust": 0.6
}
}