Search

Find a vulnerability

Search criteria

    70 vulnerabilities found for d6100 by netgear

    VAR-201701-0161

    Vulnerability from variot - Updated: 2025-11-18 15:12

    The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution. NETGEARWNR2000v5router is a popular router device. Netgear WNR2000 is prone to the following vulnerabilities: 1. An authentication-bypass vulnerability 2. An information disclosure vulnerability 3. Failed exploit attempts will likely cause a denial-of-service condition. Netgear WNR2000 firmware version 5 is affected; other versions may also be affected

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "wnr2000v5",
            "scope": null,
            "trust": 1.6,
            "vendor": "net gear",
            "version": null
          },
          {
            "_id": null,
            "model": "wndr4700",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr2000v5",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr2020",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr2050",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "r2000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wndr3700v4",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr2200",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "r6100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr614",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "r7500v2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr1000v4",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wndr4500v3",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "r7500",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "d7000",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wndr4300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr2000v4",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wndr4300v2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "jnr3300",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "d6100",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr2500",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "r6220",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "d7800",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr1000v2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "jnr1010v2",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr618",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wndr3800",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "jwnr2010v5",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr2000v3",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "5"
          },
          {
            "_id": null,
            "model": "wnr2000v5",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.34"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201"
          },
          {
            "db": "BID",
            "id": "95867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10174"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/h:netgear:wnr2000v5",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000v5_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Pedro Ribeiro.",
        "sources": [
          {
            "db": "BID",
            "id": "95867"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2016-10174",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-10174",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2017-01201",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-88924",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-10174",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2016-10174",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10174",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2016-10174",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10174",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2017-01201",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201702-105",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-88924",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-10174",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201"
          },
          {
            "db": "VULHUB",
            "id": "VHN-88924"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10174"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10174"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution. NETGEARWNR2000v5router is a popular router device. Netgear WNR2000 is prone to the following vulnerabilities:\n1. An authentication-bypass vulnerability\n2. An information disclosure vulnerability\n3. Failed exploit attempts will likely cause a  denial-of-service condition. \nNetgear WNR2000 firmware version 5 is affected; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201"
          },
          {
            "db": "BID",
            "id": "95867"
          },
          {
            "db": "VULHUB",
            "id": "VHN-88924"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10174"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41719",
            "trust": 0.2,
            "type": "exploit"
          },
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-88924",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-88924"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10174"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10174",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "95867",
            "trust": 2.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "40949",
            "trust": 1.2
          },
          {
            "db": "EXPLOIT-DB",
            "id": "41719",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "141806",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-88924",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10174",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201"
          },
          {
            "db": "VULHUB",
            "id": "VHN-88924"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10174"
          },
          {
            "db": "BID",
            "id": "95867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10174"
          }
        ]
      },
      "id": "VAR-201701-0161",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201"
          },
          {
            "db": "VULHUB",
            "id": "VHN-88924"
          }
        ],
        "trust": 1.349292958888889
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201"
          }
        ]
      },
      "last_update_date": "2025-11-18T15:12:36.873000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Insecure Remote Access and Command Execution Security Vulnerability, PSV-2016-0255",
            "trust": 0.8,
            "url": "http://kb.netgear.com/000036549/Insecure-Remote-Access-and-Command-Execution-Security-Vulnerability"
          },
          {
            "title": "NETGEARWNR2000v5routerhidden_lang_avi patch overflow vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/89178"
          },
          {
            "title": "NETGEAR WNR2000v5 Repair measures for router buffer error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67476"
          },
          {
            "title": "BleepingComputer",
            "trust": 0.1,
            "url": "https://www.bleepingcomputer.com/news/security/zyxel-and-netgear-fail-to-patch-seven-security-flaws-affecting-their-routers/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-88924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10174"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.6,
            "url": "https://raw.githubusercontent.com/pedrib/poc/master/advisories/netgear-wnr2000.txt"
          },
          {
            "trust": 2.4,
            "url": "http://kb.netgear.com/000036549/insecure-remote-access-and-command-execution-security-vulnerability"
          },
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/95867"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2016/dec/72"
          },
          {
            "trust": 1.3,
            "url": "https://www.exploit-db.com/exploits/41719/"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/40949/"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2016-10174"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10174"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-10174"
          },
          {
            "trust": 0.3,
            "url": "http://www.netgear.com"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/fulldisclosure/2017/jan/88"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.rapid7.com/db/modules/exploit/linux/http/netgear_wnr2000_rce"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201"
          },
          {
            "db": "VULHUB",
            "id": "VHN-88924"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10174"
          },
          {
            "db": "BID",
            "id": "95867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10174"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2017-01201",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-88924",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-10174",
            "ident": null
          },
          {
            "db": "BID",
            "id": "95867",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10174",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-02-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-01201",
            "ident": null
          },
          {
            "date": "2017-01-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-88924",
            "ident": null
          },
          {
            "date": "2017-01-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10174",
            "ident": null
          },
          {
            "date": "2017-01-30T00:00:00",
            "db": "BID",
            "id": "95867",
            "ident": null
          },
          {
            "date": "2017-01-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-105",
            "ident": null
          },
          {
            "date": "2017-03-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007707",
            "ident": null
          },
          {
            "date": "2017-01-30T04:59:00.157000",
            "db": "NVD",
            "id": "CVE-2016-10174",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-02-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2017-01201",
            "ident": null
          },
          {
            "date": "2017-09-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-88924",
            "ident": null
          },
          {
            "date": "2017-09-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-10174",
            "ident": null
          },
          {
            "date": "2017-02-02T01:03:00",
            "db": "BID",
            "id": "95867",
            "ident": null
          },
          {
            "date": "2017-03-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201702-105",
            "ident": null
          },
          {
            "date": "2017-03-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-007707",
            "ident": null
          },
          {
            "date": "2025-10-22T00:15:48.580000",
            "db": "NVD",
            "id": "CVE-2016-10174",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "NETGEAR WNR2000v5 Router buffer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-007707"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201702-105"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201505-0408

    Vulnerability from variot - Updated: 2025-04-13 23:29

    Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. KCodes NetUSB The kernel driver contains a buffer overflow vulnerability. KCodes NetUSB Is Linux Connected to base embedded devices (home router products, etc.) USB Share devices on the network "USB over IP" To realize the function, Linux Kernel module. Buffer overflow (CWE-120) - CVE-2015-3036 http://cwe.mitre.org/data/definitions/120.html The client NetUSB The data to send when connecting to the server NetUSB A buffer overflow can occur because the kernel driver does not validate properly. For more information SEC Consult Please check the advisory for. SEC Consult Vulnerability Lab Security Advisory < 20150519-0 > https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt In addition, National Vulnerability Database (NVD) Then CWE-119 It is published as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer ( Buffer error ) http://cwe.mitre.org/data/definitions/119.htmlAn attacker on the local network caused a buffer overflow, resulting in a denial of service operation (DoS) An attacker may be able to attack or execute arbitrary code. Depending on the default settings of the device, a remote attack may be possible. KCodes NetUSB is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. SEC Consult Vulnerability Lab Security Advisory < 20150519-0 > ======================================================================= title: Kernel Stack Buffer Overflow product: KCodes NetUSB vulnerable version: see Vulnerable / tested versions fixed version: see Solution CVE number: CVE-2015-3036, VU#177092 impact: Critical homepage: http://www.kcodes.com/ found: 2015-02-23 by: Stefan Viehböck (Office Vienna) SEC Consult Vulnerability Lab

                     An integrated part of SEC Consult
                     Berlin - Frankfurt/Main - Montreal - Singapore
                     Vienna (HQ) - Vilnius - Zurich
    
                     https://www.sec-consult.com
    

    =======================================================================

    Vendor description:

    "The world's premier technology provider of mobile printing, audio and video communication, file sharing, and USB applications for iPhones, iPads, smart phones and tablets (Android and Windows), MacBooks, and Ultrabooks."

    Source: http://www.kcodes.com/

    Vulnerability overview/description:

    NetUSB suffers from a remotely exploitable kernel stack buffer overflow. Because of insufficient input validation, an overly long computer name can be used to overflow the "computer name" kernel stack buffer. This results in memory corruption which can be turned into arbitrary remote code execution.

    Furthermore, a more detailed summary of this advisory has been published at our blog: http://blog.sec-consult.com

    Proof of concept:

    Below is an excerpt from the vulnerable run_init_sbus() function (pseudo code):

    int computername_len; char computername_buf[64]; // connection initiation, handshake len = ks_recv(sock, &computername_len, 4, 0); // ... len = ks_recv(sock, computername_buf, computername_len, 0); // boom!

    A proof of concept "netusb_bof.py" has been developed which exploits the vulnerability. The PoC DoS exploit will not be published as many vendors did not patch the vulnerability yet.

    Example use that results in denial-of-service (kernel memory corruption that results in a device reboot): ./netusb_bof.py 192.168.1.1 20005 500

    Vulnerable / tested versions:

    The vulnerability has been verified to exist in most recent firmware versions of the following devives:

    TP-Link TL-WDR4300 V1 TP-Link WR1043ND v2 NETGEAR WNDR4500

    Furthermore we've identified NetUSB in the most recent firmware version of the following products (list is not necessarily complete!): D-Link DIR-615 C NETGEAR AC1450 NETGEAR CENTRIA (WNDR4700/4720) NETGEAR D6100 NETGEAR D6200 NETGEAR D6300 NETGEAR D6400 NETGEAR DC112A NETGEAR DC112A (Zain) NETGEAR DGND4000 NETGEAR EX6200 NETGEAR EX7000 NETGEAR JNR3000 NETGEAR JNR3210 NETGEAR JR6150 NETGEAR LG6100D NETGEAR PR2000 NETGEAR R6050 NETGEAR R6100 NETGEAR R6200 NETGEAR R6200v2 NETGEAR R6220 NETGEAR R6250 NETGEAR R6300v1 NETGEAR R6300v2 NETGEAR R6700 NETGEAR R7000 NETGEAR R7500 NETGEAR R7900 NETGEAR R8000 NETGEAR WN3500RP NETGEAR WNDR3700v5 NETGEAR WNDR4300 NETGEAR WNDR4300v2 NETGEAR WNDR4500 NETGEAR WNDR4500v2 NETGEAR WNDR4500v3 NETGEAR XAU2511 NETGEAR XAUB2511 TP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer C20 V1.0 (Not affected) TP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25) TP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22) TP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30) TP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30) TP-LINK Archer C7 V2.0 (Fix already released) TP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30) TP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31) TP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer VR200v V1.0 (Fix already released) TP-LINK TD-VG3511 V1.0 (End-Of-Life) TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31) TP-LINK TD-W1042ND V1.0 (End-Of-Life) TP-LINK TD-W1043ND V1.0 (End-Of-Life) TP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30) TP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25) TP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8970 V3.0 (Fix already released) TP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25) TP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W9980 V1.0 (Fix already released) TP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-WDR4900 V1.0 (End-Of-Life) TP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30) TP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR842ND V1.0 (End-Of-Life) TP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31) Trendnet TE100-MFP1 (v1.0R) Trendnet TEW-632BRP (A1.0R) Trendnet TEW-632BRP (A1.1R/A1.2R) Trendnet TEW-632BRP (A1.1R/A1.2R/A1.3R) Trendnet TEW-634GRU (v1.0R) Trendnet TEW-652BRP (V1.0R) Trendnet TEW-673GRU (v1.0R) Trendnet TEW-811DRU (v1.0R) Trendnet TEW-812DRU (v1.0R) Trendnet TEW-812DRU (v2.xR) Trendnet TEW-813DRU (v1.0R) Trendnet TEW-818DRU (v1.0R) Trendnet TEW-823DRU (v1.0R) Trendnet TEW-MFP1 (v1.0R) Zyxel NBG-419N v2 Zyxel NBG4615 v2 Zyxel NBG5615 Zyxel NBG5715

    Based on information embedded in KCodes drivers we believe the following vendors are affected: Allnet Ambir Technology AMIT Asante Atlantis Corega Digitus D-Link EDIMAX Encore Electronics Engenius Etop Hardlink Hawking IOGEAR LevelOne Longshine NETGEAR PCI PROLiNK Sitecom Taifa TP-LINK TRENDnet Western Digital ZyXEL

    Vendor contact timeline:

    2015-02-28: Contacting vendor through support@kcodes.com 2015-03-04: No response, contacting various KCodes addresses found on the web. 2015-03-05: Vendor responds, requests more information. 2015-03-05: Providing advisory and proof of concept exploit. 2015-03-16: No response, requesting status update. 2015-03-16: Vendor responds, asks about fix verification(?) 2015-03-16: Requesting clarification about fixing status and information about next steps. Proposing conference call dates. 2015-03-19: No response, informing that notification of CERT/CC and selected vendors will start shortly. Requesting clarification about fixing status and information about next steps again. 2015-03-19: Vendor responds, confirms conference call date (2015-03-25). No further information provided. 2015-03-19: Providing advisory and proof of concept exploit to TP-LINK and NETGEAR. 2015-03-25: Vendor cancels conference call on short notice (sudden week-long business trip). 2015-03-26: Asking for support of CERT/CC regarding vendor coordination. 2015-03 - 2015-05: Coordination between CERT & vendors, NETGEAR and TP-LINK 2015-05-13: Notifying German CERT-Bund and Austrian CERT.at 2015-05-19: Coordinated release of security advisory

    Solution:

    TP-LINK has started releasing fixed firmware. The status of affected products can be found in the affected product list above.

    For additional information also see CERT/CC vulnerability notice: http://www.kb.cert.org/vuls/id/177092

    Workaround:

    Sometimes NetUSB can be disabled via the web interface, but at least on NETGEAR devices this does not mitigate the vulnerability. NETGEAR told us, that there is no workaround available, the TCP port can't be firewalled nor is there a way to disable the service on their devices. It ensures the continued knowledge gain of SEC Consult in the field of network and application security to stay ahead of the attacker. The SEC Consult Vulnerability Lab supports high-quality penetration testing and the evaluation of new offensive and defensive technologies for our customers. Hence our customers obtain the most current information about vulnerabilities and valid recommendation about the risk profile of new technologies.

    Interested to work with the experts of SEC Consult?
    Send us your application https://www.sec-consult.com/en/Career.htm
    
    Interested in improving your cyber security with the experts of SEC Consult?
    Contact our local offices https://www.sec-consult.com/en/About/Contact.htm
    

    Mail: research at sec-consult dot com Web: https://www.sec-consult.com Blog: http://blog.sec-consult.com Twitter: https://twitter.com/sec_consult

    EOF Stefan Viehböck / @2015

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "netusb",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "kcodes",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-632brp",
            "scope": null,
            "trust": 1.2,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "kcodes",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "_id": null,
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-812dru",
            "scope": null,
            "trust": 0.6,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "nbg5715",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nbg5615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nbg4615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "v2"
          },
          {
            "_id": null,
            "model": "nbg-419n",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "v20"
          },
          {
            "_id": null,
            "model": "tew-mfp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-823dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-818dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-813dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-811dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-673gru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-652brp",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-634gru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "te100-mfp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tx-vg1530",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr842nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "tl-wr842nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr4300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr3600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr3500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr1045nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "tl-wr1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "tl-wr1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "td-wdr4900",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w9980b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w9980",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8980b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8980",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8970b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8970",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8970",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w1042nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-vg3631",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-vg3511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer vr200v",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d7b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "archer c20i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "xaub2511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "xau2511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500v3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4300v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr3700v5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wn3500rp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r8000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7900",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6700",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6300v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6300v1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6250",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6220",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6200v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6050",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "lg6100d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jnr3000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dgnd4000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dc112a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "centria wndr4720",
            "scope": null,
            "trust": 0.3,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "centria wndr4700",
            "scope": null,
            "trust": 0.3,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "netusb",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kcodes",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dir-685",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "d link",
            "version": "2.00"
          },
          {
            "_id": null,
            "model": "dir-615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "d link",
            "version": "3.13"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:misc:multiple_vendors",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Stefan Viehb\u00f6ck from SEC Consult Vulnerability Lab",
        "sources": [
          {
            "db": "BID",
            "id": "74724"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-3036",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-3036",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "availabilityRequirement": "NOT DEFINED",
                "baseScore": 5.7,
                "collateralDamagePotential": "NOT DEFINED",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT DEFINED",
                "enviromentalScore": 3.7,
                "exploitability": "PROOF-OF-CONCEPT",
                "exploitabilityScore": 5.5,
                "id": "CVE-2015-3036",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "integrityRequirement": "NOT DEFINED",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "remediationLevel": "WORKAROUND",
                "reportConfidence": "CONFIRMED",
                "severity": "MEDIUM",
                "targetDistribution": "MEDIUM",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vector_string": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-3036",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-3036",
                "trust": 0.8,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-3036",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201505-429",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-3036",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. KCodes NetUSB The kernel driver contains a buffer overflow vulnerability. KCodes NetUSB Is Linux Connected to base embedded devices (home router products, etc.) USB Share devices on the network \"USB over IP\" To realize the function, Linux Kernel module. Buffer overflow (CWE-120) - CVE-2015-3036 http://cwe.mitre.org/data/definitions/120.html The client NetUSB The data to send when connecting to the server NetUSB A buffer overflow can occur because the kernel driver does not validate properly. For more information SEC Consult Please check the advisory for. SEC Consult Vulnerability Lab Security Advisory \u003c 20150519-0 \u003e https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt In addition, National Vulnerability Database (NVD) Then CWE-119 It is published as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer ( Buffer error ) http://cwe.mitre.org/data/definitions/119.htmlAn attacker on the local network caused a buffer overflow, resulting in a denial of service operation (DoS) An attacker may be able to attack or execute arbitrary code. Depending on the default settings of the device, a remote attack may be possible. KCodes NetUSB is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. SEC Consult Vulnerability Lab Security Advisory \u003c 20150519-0 \u003e\n=======================================================================\n              title: Kernel Stack Buffer Overflow\n            product: KCodes NetUSB\n vulnerable version: see Vulnerable / tested versions\n      fixed version: see Solution\n         CVE number: CVE-2015-3036, VU#177092\n             impact: Critical\n           homepage: http://www.kcodes.com/\n              found: 2015-02-23\n                 by: Stefan Viehb\u00f6ck (Office Vienna)\n                     SEC Consult Vulnerability Lab\n\n                     An integrated part of SEC Consult\n                     Berlin - Frankfurt/Main - Montreal - Singapore\n                     Vienna (HQ) - Vilnius - Zurich\n\n                     https://www.sec-consult.com\n\n=======================================================================\n\nVendor description:\n-------------------\n\"The world\u0027s premier technology provider of mobile printing, audio and\nvideo communication, file sharing, and USB applications for iPhones,\niPads, smart phones and tablets (Android and Windows), MacBooks, and\nUltrabooks.\"\n\nSource: http://www.kcodes.com/\n\n\nVulnerability overview/description:\n-----------------------------------\nNetUSB suffers from a remotely exploitable kernel stack buffer overflow. \nBecause of insufficient input validation, an overly long computer name can be\nused to overflow the \"computer name\" kernel stack buffer. This results in\nmemory corruption which can be turned into arbitrary remote code execution. \n\nFurthermore, a more detailed summary of this advisory has been published at our\nblog: http://blog.sec-consult.com\n\n\nProof of concept:\n-----------------\nBelow is an excerpt from the vulnerable run_init_sbus() function (pseudo code):\n\nint computername_len;\nchar computername_buf[64];\n// connection initiation, handshake\nlen = ks_recv(sock, \u0026computername_len, 4, 0);\n// ... \nlen = ks_recv(sock, computername_buf, computername_len, 0); // boom!\n\nA proof of concept \"netusb_bof.py\" has been developed which exploits the\nvulnerability. The PoC DoS exploit will not be published as many vendors\ndid not patch the vulnerability yet. \n\nExample use that results in denial-of-service (kernel memory corruption that\nresults in a device reboot):\n./netusb_bof.py 192.168.1.1 20005 500\n\n\nVulnerable / tested versions:\n-----------------------------\nThe vulnerability has been verified to exist in most recent firmware versions\nof the following devives:\n\nTP-Link TL-WDR4300 V1\nTP-Link WR1043ND v2\nNETGEAR WNDR4500\n\nFurthermore we\u0027ve identified NetUSB in the most recent firmware version of the\nfollowing products (list is not necessarily complete!):\nD-Link DIR-615 C\nNETGEAR AC1450\nNETGEAR CENTRIA (WNDR4700/4720)\nNETGEAR D6100\nNETGEAR D6200\nNETGEAR D6300\nNETGEAR D6400\nNETGEAR DC112A\nNETGEAR DC112A (Zain)\nNETGEAR DGND4000\nNETGEAR EX6200\nNETGEAR EX7000\nNETGEAR JNR3000\nNETGEAR JNR3210\nNETGEAR JR6150\nNETGEAR LG6100D\nNETGEAR PR2000\nNETGEAR R6050\nNETGEAR R6100\nNETGEAR R6200\nNETGEAR R6200v2\nNETGEAR R6220\nNETGEAR R6250\nNETGEAR R6300v1\nNETGEAR R6300v2\nNETGEAR R6700\nNETGEAR R7000\nNETGEAR R7500\nNETGEAR R7900\nNETGEAR R8000\nNETGEAR WN3500RP\nNETGEAR WNDR3700v5\nNETGEAR WNDR4300\nNETGEAR WNDR4300v2\nNETGEAR WNDR4500\nNETGEAR WNDR4500v2\nNETGEAR WNDR4500v3\nNETGEAR XAU2511\nNETGEAR XAUB2511\nTP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer C20 V1.0 (Not affected)\nTP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22)\nTP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C7 V2.0 (Fix already released)\nTP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31)\nTP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer VR200v V1.0 (Fix already released)\nTP-LINK TD-VG3511 V1.0 (End-Of-Life)\nTP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31)\nTP-LINK TD-W1042ND V1.0 (End-Of-Life)\nTP-LINK TD-W1043ND V1.0 (End-Of-Life)\nTP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25)\nTP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8970 V3.0 (Fix already released)\nTP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25)\nTP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W9980 V1.0 (Fix already released)\nTP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-WDR4900 V1.0 (End-Of-Life)\nTP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR842ND V1.0 (End-Of-Life)\nTP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31)\nTrendnet TE100-MFP1 (v1.0R)\nTrendnet TEW-632BRP (A1.0R)\nTrendnet TEW-632BRP (A1.1R/A1.2R)\nTrendnet TEW-632BRP (A1.1R/A1.2R/A1.3R)\nTrendnet TEW-634GRU (v1.0R)\nTrendnet TEW-652BRP (V1.0R)\nTrendnet TEW-673GRU (v1.0R)\nTrendnet TEW-811DRU (v1.0R)\nTrendnet TEW-812DRU (v1.0R)\nTrendnet TEW-812DRU (v2.xR)\nTrendnet TEW-813DRU (v1.0R)\nTrendnet TEW-818DRU (v1.0R)\nTrendnet TEW-823DRU (v1.0R)\nTrendnet TEW-MFP1 (v1.0R)\nZyxel NBG-419N v2\nZyxel NBG4615 v2\nZyxel NBG5615\nZyxel NBG5715\n\nBased on information embedded in KCodes drivers we believe the following\nvendors are affected:\nAllnet\nAmbir Technology\nAMIT\nAsante\nAtlantis\nCorega\nDigitus\nD-Link\nEDIMAX\nEncore Electronics\nEngenius\nEtop\nHardlink\nHawking\nIOGEAR\nLevelOne\nLongshine\nNETGEAR\nPCI\nPROLiNK\nSitecom\nTaifa\nTP-LINK\nTRENDnet\nWestern Digital\nZyXEL\n\n\nVendor contact timeline:\n------------------------\n2015-02-28: Contacting vendor through support@kcodes.com\n2015-03-04: No response, contacting various KCodes addresses found on the web. \n2015-03-05: Vendor responds, requests more information. \n2015-03-05: Providing advisory and proof of concept exploit. \n2015-03-16: No response, requesting status update. \n2015-03-16: Vendor responds, asks about fix verification(?)\n2015-03-16: Requesting clarification about fixing status and information about\n            next steps. Proposing conference call dates. \n2015-03-19: No response, informing that notification of CERT/CC and selected\n            vendors will start shortly. Requesting clarification about fixing\n            status and information about next steps again. \n2015-03-19: Vendor responds, confirms conference call date (2015-03-25). No\n            further information provided. \n2015-03-19: Providing advisory and proof of concept exploit to TP-LINK and\n            NETGEAR. \n2015-03-25: Vendor cancels conference call on short notice (sudden week-long\n            business trip). \n2015-03-26: Asking for support of CERT/CC regarding vendor coordination. \n2015-03 - 2015-05: Coordination between CERT \u0026 vendors, NETGEAR and TP-LINK\n2015-05-13: Notifying German CERT-Bund and Austrian CERT.at\n2015-05-19: Coordinated release of security advisory\n\n\nSolution:\n---------\nTP-LINK has started releasing fixed firmware. The status of affected products\ncan be found in the affected product list above. \n\nFor additional information also see CERT/CC vulnerability notice:\nhttp://www.kb.cert.org/vuls/id/177092\n\n\nWorkaround:\n-----------\nSometimes NetUSB can be disabled via the web interface, but at least on NETGEAR\ndevices this does not mitigate the vulnerability. NETGEAR told us, that there is\nno workaround available, the TCP port can\u0027t be firewalled nor is there a way to\ndisable the service on their devices. It\nensures the continued knowledge gain of SEC Consult in the field of network\nand application security to stay ahead of the attacker. The SEC Consult\nVulnerability Lab supports high-quality penetration testing and the evaluation\nof new offensive and defensive technologies for our customers. Hence our\ncustomers obtain the most current information about vulnerabilities and valid\nrecommendation about the risk profile of new technologies. \n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nInterested to work with the experts of SEC Consult?\nSend us your application https://www.sec-consult.com/en/Career.htm\n\nInterested in improving your cyber security with the experts of SEC Consult?\nContact our local offices https://www.sec-consult.com/en/About/Contact.htm\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMail: research at sec-consult dot com\nWeb: https://www.sec-consult.com\nBlog: http://blog.sec-consult.com\nTwitter: https://twitter.com/sec_consult\n\nEOF Stefan Viehb\u00f6ck / @2015\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          },
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          }
        ],
        "trust": 2.79
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.kb.cert.org/vuls/id/177092",
            "trust": 0.8,
            "type": "poc"
          },
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38566",
            "trust": 0.2,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#177092",
            "trust": 3.7
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "74724",
            "trust": 1.4
          },
          {
            "db": "PACKETSTORM",
            "id": "131987",
            "trust": 1.2
          },
          {
            "db": "SECTRACK",
            "id": "1032377",
            "trust": 1.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133919",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "38566",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "38454",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU90185396",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "trust": 0.6
          },
          {
            "db": "DLINK",
            "id": "SAP10057",
            "trust": 0.3
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "id": "VAR-201505-0408",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5346243894594594
      },
      "last_update_date": "2025-04-13T23:29:37.607000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "USB Over IP (NetUSB)",
            "trust": 0.8,
            "url": "http://www.kcodes.com/product/usb_01.html"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2015/05/20/netusb_router_fail/"
          },
          {
            "title": "TD-W8970-NetUSB-Fix-v1-",
            "trust": 0.1,
            "url": "https://github.com/Leproide/TD-W8970-NetUSB-Fix-v1- "
          },
          {
            "title": "NetUSB-exploit",
            "trust": 0.1,
            "url": "https://github.com/funsecurity/NetUSB-exploit "
          },
          {
            "title": "MiraiSecurity",
            "trust": 0.1,
            "url": "https://github.com/pandazheng/MiraiSecurity "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/details-surface-on-unpatched-kcodes-netusb-bug/112910/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.6,
            "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_kcodes_netusb_kernel_stack_buffer_overflow_v10.txt"
          },
          {
            "trust": 3.3,
            "url": "http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html"
          },
          {
            "trust": 2.9,
            "url": "http://www.kb.cert.org/vuls/id/177092"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/74724"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/38566/"
          },
          {
            "trust": 1.1,
            "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10057"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/131987/kcodes-netusb-buffer-overflow.html"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2015/may/74"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1032377"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/133919/netusb-stack-buffer-overflow.html"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2015/oct/50"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/38454/"
          },
          {
            "trust": 0.8,
            "url": "http://kb.netgear.com/app/answers/detail/a_id/28393/"
          },
          {
            "trust": 0.8,
            "url": "http://www.trendnet.com/support/view.asp?cat=4\u0026id=58"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3036"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90185396/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3036"
          },
          {
            "trust": 0.3,
            "url": "http://www.kcodes.com/product/usb_01.html"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/funsecurity/netusb-exploit"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/leproide/td-w8970-netusb-fix-v1-"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/career.htm"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3036"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/about/contact.htm"
          },
          {
            "trust": 0.1,
            "url": "https://twitter.com/sec_consult"
          },
          {
            "trust": 0.1,
            "url": "http://blog.sec-consult.com"
          },
          {
            "trust": 0.1,
            "url": "http://www.kcodes.com/"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/vulnerability-lab/advisories.htm"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131987",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-05-19T00:00:00",
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "date": "2015-05-19T00:00:00",
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "date": "2015-05-21T14:44:44",
            "db": "PACKETSTORM",
            "id": "131987",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "date": "2015-05-21T01:59:27.087000",
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-06-05T00:00:00",
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "date": "2016-12-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "date": "2015-12-08T22:03:00",
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "date": "2015-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "KCodes NetUSB kernel driver is vulnerable to buffer overflow",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202302-0136

    Vulnerability from variot - Updated: 2025-03-28 02:54

    An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification. This affects WNR612v2 Wireless Routers 1.0.0.3 and earlier, DGN1000v3 Modem Router 1.0.0.22 and earlier, D6100 WiFi DSL Modem Routers 1.0.0.63 and earlier, WNR1000v2 Wireless Routers 1.1.2.60 and earlier, XAVN2001v2 Wireless-N Extenders 0.4.0.7 and earlier, WNR2200 Wireless Routers 1.0.1.102 and earlier, WNR2500 Wireless Routers 1.0.0.34 and earlier, R8900 Smart WiFi Routers 1.0.3.6 and earlier, and R9000 Smart WiFi Routers 1.0.3.6 and earlier. plural Netgear The product contains a flaw in the integrity verification of downloaded code.Information is tampered with and service operation is interrupted (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202302-0136",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wnr612v2",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.3"
          },
          {
            "model": "dgn1000v3",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "wnr1000v2",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.2.60"
          },
          {
            "model": "wnr2200",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.102"
          },
          {
            "model": "xavn2001v2",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "0.4.0.7"
          },
          {
            "model": "d6100",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "r8900",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wnr2500",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34"
          },
          {
            "model": "r9000",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wnr2200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "wnr2500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "wnr612v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dgn1000v3",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6100",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "wnr1000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "xavn2001v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r8900",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r9000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-23110"
          }
        ]
      },
      "cve": "CVE-2023-23110",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.2,
                "id": "CVE-2023-23110",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.4,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2023-23110",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2023-23110",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2023-23110",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2023-23110",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202302-162",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-23110"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-23110"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification. This affects WNR612v2 Wireless Routers 1.0.0.3 and earlier, DGN1000v3 Modem Router 1.0.0.22 and earlier, D6100 WiFi DSL Modem Routers 1.0.0.63 and earlier, WNR1000v2 Wireless Routers 1.1.2.60 and earlier, XAVN2001v2 Wireless-N Extenders 0.4.0.7 and earlier, WNR2200 Wireless Routers 1.0.1.102 and earlier, WNR2500 Wireless Routers 1.0.0.34 and earlier, R8900 Smart WiFi Routers 1.0.3.6 and earlier, and R9000 Smart WiFi Routers 1.0.3.6 and earlier. plural Netgear The product contains a flaw in the integrity verification of downloaded code.Information is tampered with and service operation is interrupted (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-23110"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "db": "VULMON",
            "id": "CVE-2023-23110"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2023-23110",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-162",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2023-23110",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-23110"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-23110"
          }
        ]
      },
      "id": "VAR-202302-0136",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.42982739714285717
      },
      "last_update_date": "2025-03-28T02:54:55.760000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "NETGEAR\u00a0Product\u00a0Security",
            "trust": 0.8,
            "url": "https://www.netgear.com/about/security/"
          },
          {
            "title": "NETGEAR D6100 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=224796"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/Live-Hack-CVE/CVE-2023-23110 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-23110"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-494",
            "trust": 1.0
          },
          {
            "problemtype": "Incomplete integrity verification of downloaded code (CWE-494) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-23110"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://www.netgear.com/about/security/"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/sjcgkb-9o"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/s1bnhbwqi"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/hyzrxmb9s"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/r1z4bx-5i"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/ryjvzz-5s"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/s1t47ebqj"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/bkbpiegco"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/s1qwglm5o"
          },
          {
            "trust": 1.7,
            "url": "https://hackmd.io/%40slasvrz_srw7nqcsunofea/h1licxbco"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-23110"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/bkbpiegco"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/h1licxbco"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/hyzrxmb9s"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/s1bnhbwqi"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/s1qwglm5o"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/s1t47ebqj"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/sjcgkb-9o"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/r1z4bx-5i"
          },
          {
            "trust": 0.8,
            "url": "https://hackmd.io/@slasvrz_srw7nqcsunofea/ryjvzz-5s"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2023-23110/"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2023-23110"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-23110"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-23110"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2023-23110"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-23110"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2023-23110"
          },
          {
            "date": "2023-09-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "date": "2023-02-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          },
          {
            "date": "2023-02-02T15:17:43.473000",
            "db": "NVD",
            "id": "CVE-2023-23110"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2023-23110"
          },
          {
            "date": "2023-09-11T01:21:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          },
          {
            "date": "2023-02-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          },
          {
            "date": "2025-03-26T21:15:18.670000",
            "db": "NVD",
            "id": "CVE-2023-23110"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Netgear\u00a0 Vulnerability related to insufficient integrity verification of downloaded code in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-003483"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202302-162"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1636

    Vulnerability from variot - Updated: 2024-11-23 23:11

    plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1636",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.14"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.18"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.34"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "d500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "d1500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.22"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.22"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.82_1.1.117"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.6"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34_1.0.70"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.94"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d1500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          }
        ]
      },
      "cve": "CVE-2018-21231",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21231",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016407",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21231",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2018-21231",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.4,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016407",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21231",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21231",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016407",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2129",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21231",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          }
        ],
        "trust": 0.81
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21231",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21231",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "id": "VAR-202004-1636",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4058950425581395
      },
      "last_update_date": "2024-11-23T23:11:26.757000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Routers, Gateways, and Extenders, PSV-2016-0102",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
          },
          {
            "title": "Multiple NETGEAR Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117052"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055103/security-advisory-for-security-misconfiguration-on-some-routers-gateways-and-extenders-psv-2016-0102"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21231"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21231"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "date": "2020-04-24T15:15:13.003000",
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "date": "2024-11-21T04:03:14.407000",
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1657

    Vulnerability from variot - Updated: 2024-11-23 23:11

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1657",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21211"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          }
        ]
      },
      "cve": "CVE-2018-21211",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21211",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016359",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46563",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21211",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21211",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016359",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21211",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21211",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016359",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46563",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2284",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21211",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21211"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21211"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21211"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21211",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2284",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21211",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21211"
          }
        ]
      },
      "id": "VAR-202004-1657",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          }
        ],
        "trust": 1.2545377938461537
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:26.727000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2491",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055138/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2491"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46563)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276321"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117376"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21211"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21211"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055138/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2017-2491"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21211"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21211"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21211"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21211"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          },
          {
            "date": "2020-04-28T16:15:13.950000",
            "db": "NVD",
            "id": "CVE-2018-21211"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46563"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21211"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          },
          {
            "date": "2024-11-21T04:03:11.257000",
            "db": "NVD",
            "id": "CVE-2018-21211"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016359"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2284"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1678

    Vulnerability from variot - Updated: 2024-11-23 23:11

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1678",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21176"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          }
        ]
      },
      "cve": "CVE-2018-21176",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2018-21176",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016385",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-28115",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2018-21176",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21176",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016385",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21176",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21176",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016385",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28115",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2219",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21176",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21176"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21176"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21176"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21176",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2219",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21176",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21176"
          }
        ]
      },
      "id": "VAR-202004-1678",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          }
        ],
        "trust": 1.2739518849999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:26.693000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2623",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055182/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2623"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28115)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217411"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117724"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21176"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21176"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055182/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2623"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21176"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21176"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21176"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21176"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          },
          {
            "date": "2020-04-27T20:15:11.897000",
            "db": "NVD",
            "id": "CVE-2018-21176"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28115"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21176"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          },
          {
            "date": "2024-11-21T04:03:05.770000",
            "db": "NVD",
            "id": "CVE-2018-21176"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016385"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2219"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0756

    Vulnerability from variot - Updated: 2024-11-23 23:08

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6000 before 1.0.0.72, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0756",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "wndr4300v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.104"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20736"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          }
        ]
      },
      "cve": "CVE-2019-20736",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20736",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015453",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-66984",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20736",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20736",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015453",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20736",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20736",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015453",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-66984",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1347",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1347"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20736"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20736"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6000 before 1.0.0.72, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20736"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20736",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1347",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1347"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20736"
          }
        ]
      },
      "id": "VAR-202004-0756",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          }
        ],
        "trust": 1.2411164908333334
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:08:03.187000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2018-0133",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061190/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0133"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-66984)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/288736"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114906"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1347"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20736"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20736"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061190/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2018-0133"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20736"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1347"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20736"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1347"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20736"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1347"
          },
          {
            "date": "2020-04-16T20:15:13.680000",
            "db": "NVD",
            "id": "CVE-2019-20736"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-66984"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1347"
          },
          {
            "date": "2024-11-21T04:39:13.527000",
            "db": "NVD",
            "id": "CVE-2019-20736"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015453"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1347"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0777

    Vulnerability from variot - Updated: 2024-11-23 23:08

    Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR R7500 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0777",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.47"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.47"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "rbk50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbr50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.40"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk50_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr50_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbs50_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wayne Low of Fortinets FortiGuard Labs",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20715",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20715",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015317",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2020-30686",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20715",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20715",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015317",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20715",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20715",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015317",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-30686",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1299",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800 before 1.0.1.47, DM200 before 1.0.0.61, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, and RBS50 before 2.3.0.32. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR R7500 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20715",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "id": "VAR-202004-0777",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          }
        ],
        "trust": 1.0532386472727273
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:08:03.159000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross Site Scripting on Some Routers, Gateways, and WiFi Systems, PSV-2018-0248",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061213/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0248"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-30686)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219485"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116568"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20715"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061213/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-systems-psv-2018-0248"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20715"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "date": "2020-04-16T19:15:24.823000",
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30686"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          },
          {
            "date": "2024-11-21T04:39:10.023000",
            "db": "NVD",
            "id": "CVE-2019-20715"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015317"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1299"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1308

    Vulnerability from variot - Updated: 2024-11-23 23:07

    Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.28 and D6100 before 1.0.0.50_0.0.50. NETGEAR D6220 and D6100 A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1308",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50_0.0.50"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50_0.0.50"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.28"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18795"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          }
        ]
      },
      "cve": "CVE-2017-18795",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18795",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014898",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2017-18795",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2017-18795",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014898",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18795",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18795",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014898",
                "trust": 0.8,
                "value": "Medium"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18795"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18795"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.28 and D6100 before 1.0.0.50_0.0.50. NETGEAR D6220 and D6100 A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18795"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18795",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1823",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1823"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18795"
          }
        ]
      },
      "id": "VAR-202004-1308",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.438521955
      },
      "last_update_date": "2024-11-23T23:07:58.793000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Command Injection Vulnerability on D6220 and D6100, PSV-2016-0133",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049367/Security-Advisory-for-Command-Injection-Vulnerability-on-D6220-and-D6100-PSV-2016-0133"
          },
          {
            "title": "NETGEAR D6220  and D6100 Fixes for command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116300"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1823"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18795"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049367/security-advisory-for-command-injection-vulnerability-on-d6220-and-d6100-psv-2016-0133"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18795"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18795"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1823"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18795"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1823"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18795"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "date": "2020-04-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1823"
          },
          {
            "date": "2020-04-21T19:15:12.177000",
            "db": "NVD",
            "id": "CVE-2017-18795"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1823"
          },
          {
            "date": "2024-11-21T03:20:56.593000",
            "db": "NVD",
            "id": "CVE-2017-18795"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETGEAR D6220 and  D6100 Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014898"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1823"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1665

    Vulnerability from variot - Updated: 2024-11-23 23:07

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1665",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21219"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21219"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          }
        ]
      },
      "cve": "CVE-2018-21219",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21219",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016344",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-48925",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21219",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21219",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016344",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21219",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21219",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016344",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-48925",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2296",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21219",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21219"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21219"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21219"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21219"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21219"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21219",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2296",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21219",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21219"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21219"
          }
        ]
      },
      "id": "VAR-202004-1665",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          }
        ],
        "trust": 1.2675980592307692
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:07:58.372000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2482",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055118/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2482"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-48925)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276746"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117388"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21219"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21219"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055118/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2017-2482"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21219"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21219"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21219"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21219"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21219"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-04T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21219"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          },
          {
            "date": "2020-04-28T16:15:14.373000",
            "db": "NVD",
            "id": "CVE-2018-21219"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-48925"
          },
          {
            "date": "2020-05-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21219"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          },
          {
            "date": "2024-11-21T04:03:12.487000",
            "db": "NVD",
            "id": "CVE-2018-21219"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016344"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2296"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1707

    Vulnerability from variot - Updated: 2024-11-23 23:07

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1707",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21196"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          }
        ]
      },
      "cve": "CVE-2018-21196",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21196",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016364",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2020-28272",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21196",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21196",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016364",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21196",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21196",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016364",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28272",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2264",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21196",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2264"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21196"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21196"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21196"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21196",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2264",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21196",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2264"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21196"
          }
        ]
      },
      "id": "VAR-202004-1707",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          }
        ],
        "trust": 1.2116965357142857
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:07:58.308000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2599",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055153/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2599"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28272)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217551"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21196"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21196"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055153/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2599"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21196"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2264"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21196"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21196"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2264"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21196"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21196"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2264"
          },
          {
            "date": "2020-04-28T16:15:12.967000",
            "db": "NVD",
            "id": "CVE-2018-21196"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28272"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21196"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2264"
          },
          {
            "date": "2024-11-21T04:03:08.933000",
            "db": "NVD",
            "id": "CVE-2018-21196"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2264"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016364"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2264"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1428

    Vulnerability from variot - Updated: 2024-11-23 23:04

    plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with.

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1428",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.18"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.35"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.0.8"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.5.14"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.0.8"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.110"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.16"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.4"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.110"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.46"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.5.14"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.46"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.35"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18785"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          }
        ]
      },
      "cve": "CVE-2017-18785",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2017-18785",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014878",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2017-18785",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.1,
                "id": "CVE-2017-18785",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014878",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18785",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18785",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014878",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1888",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18785"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18785"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with.",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          }
        ],
        "trust": 0.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18785",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1888",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18785"
          }
        ]
      },
      "id": "VAR-202004-1428",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4028575456097561
      },
      "last_update_date": "2024-11-23T23:04:25.068000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Cross-Site Scripting on Some Routers, Gateways, and Extenders, PSV-2017-2950",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116664"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18785"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049534/security-advisory-for-cross-site-scripting-on-some-routers-gateways-and-extenders-psv-2017-2950"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18785"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18785"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18785"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18785"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          },
          {
            "date": "2020-04-22T15:15:12.957000",
            "db": "NVD",
            "id": "CVE-2017-18785"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          },
          {
            "date": "2024-11-21T03:20:54.943000",
            "db": "NVD",
            "id": "CVE-2017-18785"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014878"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1888"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1575

    Vulnerability from variot - Updated: 2024-11-23 23:04

    plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained.

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1575",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d1500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.30"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.32"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.24"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "r7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.24"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.30"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.24"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.24"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.24"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.68"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.30"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.0.51"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.42"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d1500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          }
        ]
      },
      "cve": "CVE-2018-21139",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-21139",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016413",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-21139",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21139",
                "impactScore": 4.2,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016413",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21139",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21139",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016413",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2031",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained.",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          }
        ],
        "trust": 0.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21139",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "id": "VAR-202004-1575",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.40138965763157897
      },
      "last_update_date": "2024-11-23T23:04:24.898000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Sensitive Information Disclosure on Some Routers, Wireless Extenders and Smart Cradles, PSV-2017-2198",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
          },
          {
            "title": "Multiple NETGEAR Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116786"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060220/security-advisory-for-sensitive-information-disclosure-on-some-routers-and-smart-cradles-psv-2017-2198"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21139"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21139"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "date": "2020-04-23T21:15:11.690000",
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "date": "2024-11-21T04:02:59.713000",
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Information leakage vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1701

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router.

    There are buffer error vulnerabilities in many NETGEAR products. The vulnerability stems from the fact that when a network system or product performs an operation on memory, the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1701",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.31"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21190"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          }
        ]
      },
      "cve": "CVE-2018-21190",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21190",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016371",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "MULTIPLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 4.1,
                "id": "CNVD-2020-28235",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:M/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21190",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21190",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016371",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21190",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21190",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016371",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28235",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2253",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21190",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2253"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21190"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21190"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. \n\r\n\r\nThere are buffer error vulnerabilities in many NETGEAR products. The vulnerability stems from the fact that when a network system or product performs an operation on memory, the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21190"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21190",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2253",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21190",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2253"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21190"
          }
        ]
      },
      "id": "VAR-202004-1701",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          }
        ],
        "trust": 1.244637929090909
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:04:24.738000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2605",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055167/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2605"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28235)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217479"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21190"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21190"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055167/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2605"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21190"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2253"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21190"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2253"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21190"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21190"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2253"
          },
          {
            "date": "2020-04-28T15:15:12.597000",
            "db": "NVD",
            "id": "CVE-2018-21190"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28235"
          },
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21190"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2253"
          },
          {
            "date": "2024-11-21T04:03:07.983000",
            "db": "NVD",
            "id": "CVE-2018-21190"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2253"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016371"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2253"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1677

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000, etc. are all products of NETGEAR. NETGEAR R9000 is a wireless router. NETGEAR R7800 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1677",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21175"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          }
        ]
      },
      "cve": "CVE-2018-21175",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2018-21175",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016384",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-28114",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2018-21175",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21175",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016384",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21175",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21175",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016384",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28114",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2218",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21175",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21175"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21175"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000, etc. are all products of NETGEAR. NETGEAR R9000 is a wireless router. NETGEAR R7800 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21175"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21175",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2218",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21175",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21175"
          }
        ]
      },
      "id": "VAR-202004-1677",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          }
        ],
        "trust": 1.2939943166666668
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:24.106000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2624",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055183/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2624"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28114)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217413"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117723"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21175"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21175"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055183/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2624"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21175"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21175"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21175"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21175"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          },
          {
            "date": "2020-04-27T20:15:11.837000",
            "db": "NVD",
            "id": "CVE-2018-21175"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28114"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21175"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          },
          {
            "date": "2024-11-21T04:03:05.620000",
            "db": "NVD",
            "id": "CVE-2018-21175"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016384"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2218"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1666

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR WNDR3700 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1666",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21220"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          }
        ]
      },
      "cve": "CVE-2018-21220",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21220",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016345",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46571",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21220",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21220",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016345",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21220",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21220",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016345",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46571",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2299",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21220",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21220"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21220"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR WNDR3700 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21220"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21220",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2299",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21220",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21220"
          }
        ]
      },
      "id": "VAR-202004-1666",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          }
        ],
        "trust": 1.2675980592307692
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:17.941000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2481",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055117/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2481"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46571)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276576"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117391"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21220"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21220"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055117/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2017-2481"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21220"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21220"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21220"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21220"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21220"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          },
          {
            "date": "2020-04-28T16:15:14.403000",
            "db": "NVD",
            "id": "CVE-2018-21220"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46571"
          },
          {
            "date": "2020-05-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21220"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          },
          {
            "date": "2024-11-21T04:03:12.643000",
            "db": "NVD",
            "id": "CVE-2018-21220"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016345"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2299"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202005-0733

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48. plural NETGEAR The device contains an input verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR WNDR4300 is a wireless router. No detailed vulnerability details are currently provided. This affects D6100 prior to 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 prior to 1.0.2.90, and WNDR4500v3 prior to 1.0.0.48

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202005-0733",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r7100lg",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7100lg",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r7100lg",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r7100lg",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18867"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          }
        ]
      },
      "cve": "CVE-2017-18867",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18867",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-015008",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2021-46351",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2017-18867",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2017-18867",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Physical",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-015008",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18867",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18867",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-015008",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46351",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202005-117",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18867",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-117"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18867"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18867"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48. plural NETGEAR The device contains an input verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR WNDR4300 is a wireless router. No detailed vulnerability details are currently provided. This affects D6100 prior to 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 prior to 1.0.2.90, and WNDR4500v3 prior to 1.0.0.48",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18867"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18867",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-117",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18867",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-117"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18867"
          }
        ]
      },
      "id": "VAR-202005-0733",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          }
        ],
        "trust": 1.2358953
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:17.023000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Routers and Gateways, PSV-2017-2198",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049554/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2017-2198"
          },
          {
            "title": "Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-46351)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/275811"
          },
          {
            "title": "Multiple NETGEAR Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118009"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-117"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18867"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18867"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000049554/security-advisory-for-security-misconfiguration-on-some-routers-and-gateways-psv-2017-2198"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18867"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/20.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-117"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18867"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-117"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18867"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-06-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18867"
          },
          {
            "date": "2020-06-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-117"
          },
          {
            "date": "2020-05-05T14:15:12.390000",
            "db": "NVD",
            "id": "CVE-2017-18867"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46351"
          },
          {
            "date": "2020-05-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18867"
          },
          {
            "date": "2020-06-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          },
          {
            "date": "2020-05-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202005-117"
          },
          {
            "date": "2024-11-21T03:21:08",
            "db": "NVD",
            "id": "CVE-2017-18867"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Input verification vulnerabilities on devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-015008"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202005-117"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-0579

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-0579",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "srs60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.2.2.20"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "srk60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.2.2.20"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.40"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "srr60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.2.2.20"
          },
          {
            "model": "xr450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.40"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d6100",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r8900",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r9000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbk20",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbk50",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbr20",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbr50",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbs20",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbs50",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26913"
          }
        ]
      },
      "cve": "CVE-2020-26913",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2020-26913",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2020-26913",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-012214",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-26913",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-26913",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-26913",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202010-344",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26913"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26913"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-26913"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-26913",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-344",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26913"
          }
        ]
      },
      "id": "VAR-202010-0579",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.436391673
      },
      "last_update_date": "2024-11-23T22:58:08.273000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Stack\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0140",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062340/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2018-0140"
          },
          {
            "title": "Multiple  NETGEAR Fix for device buffer error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131131"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26913"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062340/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-wifi-systems-psv-2018-0140"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26913"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26913"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26913"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "date": "2020-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          },
          {
            "date": "2020-10-09T07:15:17.043000",
            "db": "NVD",
            "id": "CVE-2020-26913"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-27T05:42:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          },
          {
            "date": "2020-10-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          },
          {
            "date": "2024-11-21T05:20:28.870000",
            "db": "NVD",
            "id": "CVE-2020-26913"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Out-of-bounds write vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012214"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-344"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0758

    Vulnerability from variot - Updated: 2024-11-23 22:51

    Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.34, JNR1010v2 before 1.1.0.50, JWNR2010v5 before 1.1.0.50, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6100 before 1.0.1.16, R6120 before 1.0.0.40, R6700v2 before 1.2.0.14, R6800 before 1.2.0.14, R6900v2 before 1.2.0.14, R7500v2 before 1.0.3.26, R7800 before 1.0.2.46, R9000 before 1.0.4.2, WN3000RPv2 before 1.0.0.52, WN3000RPv3 before 1.0.2.78, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.50, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.50, and WNR2050 before 1.1.0.50. NOTE: this may be a result of an incomplete fix for CVE-2017-18866. plural NETGEAR A cross-site scripting vulnerability exists in the device. This vulnerability is CVE-2017-18866 This is a vulnerability caused by an incomplete fix for.Information may be obtained and tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0758",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.78"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.46"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.14"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.14"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.14"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "rbk50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "rbr50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.5.30"
          },
          {
            "model": "rbs50",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.5.30"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20738"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk50_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr50_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbs50_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          }
        ]
      },
      "cve": "CVE-2019-20738",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20738",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015455",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2019-20738",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2019-20738",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.4,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015455",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "Low",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20738",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20738",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015455",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1349",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20738"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20738"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.34, JNR1010v2 before 1.1.0.50, JWNR2010v5 before 1.1.0.50, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6100 before 1.0.1.16, R6120 before 1.0.0.40, R6700v2 before 1.2.0.14, R6800 before 1.2.0.14, R6900v2 before 1.2.0.14, R7500v2 before 1.0.3.26, R7800 before 1.0.2.46, R9000 before 1.0.4.2, WN3000RPv2 before 1.0.0.52, WN3000RPv3 before 1.0.2.78, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.50, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.50, and WNR2050 before 1.1.0.50. NOTE: this may be a result of an incomplete fix for CVE-2017-18866. plural NETGEAR A cross-site scripting vulnerability exists in the device. This vulnerability is CVE-2017-18866 This is a vulnerability caused by an incomplete fix for.Information may be obtained and tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20738"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20738",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1349",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20738"
          }
        ]
      },
      "id": "VAR-202004-0758",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4014819361111111
      },
      "last_update_date": "2024-11-23T22:51:27.268000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross Site Scripting on Some Routers, Gateways, and WiFi System, PSV-2016-0100",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061187/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-System-PSV-2016-0100"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114908"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20738"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061187/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-system-psv-2016-0100"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20738"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20738"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20738"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20738"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          },
          {
            "date": "2020-04-16T20:15:13.820000",
            "db": "NVD",
            "id": "CVE-2019-20738"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          },
          {
            "date": "2024-11-21T04:39:13.863000",
            "db": "NVD",
            "id": "CVE-2019-20738"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015455"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1349"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1663

    Vulnerability from variot - Updated: 2024-11-23 22:51

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, and R6100 before 1.0.1.20. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, and R6100 prior to 1.0.1.20

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1663",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21217"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          }
        ]
      },
      "cve": "CVE-2018-21217",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21217",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016342",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46569",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21217",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21217",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016342",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21217",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21217",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016342",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46569",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2297",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21217",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21217"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21217"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21217"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, and R6100 before 1.0.1.20. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, and R6100 prior to 1.0.1.20",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21217"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21217"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21217",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2297",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21217",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21217"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21217"
          }
        ]
      },
      "id": "VAR-202004-1663",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          }
        ],
        "trust": 1.12735637
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:51:26.036000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2484",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055120/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2484"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46569)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276406"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117389"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21217"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21217"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055120/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2017-2484"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21217"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21217"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21217"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21217"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21217"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21217"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          },
          {
            "date": "2020-04-28T16:15:14.263000",
            "db": "NVD",
            "id": "CVE-2018-21217"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46569"
          },
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21217"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          },
          {
            "date": "2024-11-21T04:03:12.180000",
            "db": "NVD",
            "id": "CVE-2018-21217"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016342"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2297"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1262

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. This affects AC1450 prior to 2017-01-06, C6300 prior to 2017-01-06, D500 prior to 2017-01-06, D1500 prior to 2017-01-06, D3600 prior to 2017-01-06, D6000 prior to 2017-01-06, D6100 prior to 2017-01-06, D6200 prior to 2017-01-06, D6200B prior to 2017-01-06, D6300B prior to 2017-01-06, D6300 prior to 2017-01-06, DGN1000v3 prior to 2017-01-06, DGN2200v1 prior to 2017-01-06, DGN2200v3 prior to 2017-01-06, DGN2200V4 prior to 2017-01-06, DGN2200Bv3 prior to 2017-01-06, DGN2200Bv4 prior to 2017-01-06, DGND3700v1 prior to 2017-01-06, DGND3700v2 prior to 2017-01-06, DGND3700Bv2 prior to 2017-01-06, JNR1010v1 prior to 2017-01-06, JNR1010v2 prior to 2017-01-06, JNR3300 prior to 2017-01-06, JR6100 prior to 2017-01-06, JR6150 prior to 2017-01-06, JWNR2000v5 prior to 2017-01-06, R2000 prior to 2017-01-06, R6050 prior to 2017-01-06, R6100 prior to 2017-01-06, R6200 prior to 2017-01-06, R6200v2 prior to 2017-01-06, R6220 prior to 2017-01-06, R6250 prior to 2017-01-06, R6300 prior to 2017-01-06, R6300v2 prior to 2017-01-06, R6700 prior to 2017-01-06, R7000 prior to 2017-01-06, R7900 prior to 2017-01-06, R7500 prior to 2017-01-06, R8000 prior to 2017-01-06, WGR614v10 prior to 2017-01-06, WNR1000v2 prior to 2017-01-06, WNR1000v3 prior to 2017-01-06, WNR1000v4 prior to 2017-01-06, WNR2000v3 prior to 2017-01-06, WNR2000v4 prior to 2017-01-06, WNR2000v5 prior to 2017-01-06, WNR2200 prior to 2017-01-06, WNR2500 prior to 2017-01-06, WNR3500Lv2 prior to 2017-01-06, WNDR3400v2 prior to 2017-01-06, WNDR3400v3 prior to 2017-01-06, WNDR3700v3 prior to 2017-01-06, WNDR3700v4 prior to 2017-01-06, WNDR3700v5 prior to 2017-01-06, WNDR4300 prior to 2017-01-06, WNDR4300v2 prior to 2017-01-06, WNDR4500v1 prior to 2017-01-06, WNDR4500v2 prior to 2017-01-06, and WNDR4500v3 prior to 2017-01-06

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1262",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgnd3700b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "ac1450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr2500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jr6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jwnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgnd3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wgr614",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jnr3300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6300b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d1500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "c6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgn1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "c6300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.25"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.25"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.28"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.30"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.34"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.36"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.106"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "dgnd3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.17"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10j"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.1"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.14"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.66"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.68"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.86"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.6 10.1.12"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.8"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.14"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.16"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.20"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.30"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.06"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.6"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.8"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.8 10.0.77"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.22"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.24"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.32"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.8"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.84"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.38"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.1.20"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.2"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.14"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.16"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.24"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.7.2 1.1.93"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.7.10"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.4"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.6"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.10"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.12"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.14"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.18"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.26"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.28"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.32"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.42"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.60"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.34"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.36"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.46"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.10"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.8"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.22"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.32"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.36"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.44"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.46"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.54"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.4"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.4 1.1.42"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.46"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.8"
          },
          {
            "model": "wnr2500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wnr2500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.40"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.44"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.46"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.48"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.50"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.56"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.2.44 35.0.53na"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:ac1450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:c6300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d1500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          }
        ]
      },
      "cve": "CVE-2016-11059",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-11059",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014989",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-11059",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014989",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-11059",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014989",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2304",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-11059",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. This affects AC1450 prior to 2017-01-06, C6300 prior to 2017-01-06, D500 prior to 2017-01-06, D1500 prior to 2017-01-06, D3600 prior to 2017-01-06, D6000 prior to 2017-01-06, D6100 prior to 2017-01-06, D6200 prior to 2017-01-06, D6200B prior to 2017-01-06, D6300B prior to 2017-01-06, D6300 prior to 2017-01-06, DGN1000v3 prior to 2017-01-06, DGN2200v1 prior to 2017-01-06, DGN2200v3 prior to 2017-01-06, DGN2200V4 prior to 2017-01-06, DGN2200Bv3 prior to 2017-01-06, DGN2200Bv4 prior to 2017-01-06, DGND3700v1 prior to 2017-01-06, DGND3700v2 prior to 2017-01-06, DGND3700Bv2 prior to 2017-01-06, JNR1010v1 prior to 2017-01-06, JNR1010v2 prior to 2017-01-06, JNR3300 prior to 2017-01-06, JR6100 prior to 2017-01-06, JR6150 prior to 2017-01-06, JWNR2000v5 prior to 2017-01-06, R2000 prior to 2017-01-06, R6050 prior to 2017-01-06, R6100 prior to 2017-01-06, R6200 prior to 2017-01-06, R6200v2 prior to 2017-01-06, R6220 prior to 2017-01-06, R6250 prior to 2017-01-06, R6300 prior to 2017-01-06, R6300v2 prior to 2017-01-06, R6700 prior to 2017-01-06, R7000 prior to 2017-01-06, R7900 prior to 2017-01-06, R7500 prior to 2017-01-06, R8000 prior to 2017-01-06, WGR614v10 prior to 2017-01-06, WNR1000v2 prior to 2017-01-06, WNR1000v3 prior to 2017-01-06, WNR1000v4 prior to 2017-01-06, WNR2000v3 prior to 2017-01-06, WNR2000v4 prior to 2017-01-06, WNR2000v5 prior to 2017-01-06, WNR2200 prior to 2017-01-06, WNR2500 prior to 2017-01-06, WNR3500Lv2 prior to 2017-01-06, WNDR3400v2 prior to 2017-01-06, WNDR3400v3 prior to 2017-01-06, WNDR3700v3 prior to 2017-01-06, WNDR3700v4 prior to 2017-01-06, WNDR3700v5 prior to 2017-01-06, WNDR4300 prior to 2017-01-06, WNDR4300v2 prior to 2017-01-06, WNDR4500v1 prior to 2017-01-06, WNDR4500v2 prior to 2017-01-06, and WNDR4500v3 prior to 2017-01-06",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-11059",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-11059",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "id": "VAR-202004-1262",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4569339544444444
      },
      "last_update_date": "2024-11-23T22:48:01.793000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "NETGEAR Product Vulnerability Advisory: Authentication Bypass and Information Disclosure on Home Routers",
            "trust": 0.8,
            "url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
          },
          {
            "title": "Multiple NETGEAR Product information disclosure vulnerability repair measures",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117917"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/27253/netgear-product-vulnerability-advisory-authentication-bypass-and-information-disclosure-on-home-routers"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-11059"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-11059"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/200.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "date": "2020-04-28T17:15:12.460000",
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "date": "2020-05-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "date": "2024-11-21T02:45:24.220000",
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Information leakage vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1661

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, EX2700 before 1.0.1.28, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, EX2700 prior to 1.0.1.28, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1661",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          }
        ]
      },
      "cve": "CVE-2018-21215",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21215",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016356",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46567",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21215",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21215",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016356",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21215",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21215",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016356",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46567",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2290",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21215",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, EX2700 before 1.0.1.28, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, EX2700 prior to 1.0.1.28, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21215",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "id": "VAR-202004-1661",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          }
        ],
        "trust": 1.275971406
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:01.263000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2486",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055122/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2486"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46567)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276391"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117382"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21215"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055122/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2486"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21215"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "date": "2020-04-28T16:15:14.153000",
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "date": "2020-05-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "date": "2024-11-21T04:03:11.883000",
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1703

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1703",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21192"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          }
        ]
      },
      "cve": "CVE-2018-21192",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21192",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016369",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2020-28268",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21192",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21192",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016369",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21192",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21192",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016369",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28268",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2252",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21192",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21192"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21192"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21192"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21192",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2252",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21192",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21192"
          }
        ]
      },
      "id": "VAR-202004-1703",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          }
        ],
        "trust": 1.2939943166666668
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:01.203000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2603",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055165/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2603"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28268)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217559"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117345"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21192"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21192"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055165/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2603"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21192"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21192"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21192"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21192"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          },
          {
            "date": "2020-04-28T15:15:12.723000",
            "db": "NVD",
            "id": "CVE-2018-21192"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28268"
          },
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21192"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          },
          {
            "date": "2024-11-21T04:03:08.287000",
            "db": "NVD",
            "id": "CVE-2018-21192"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016369"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2252"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1705

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1705",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21194"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          }
        ]
      },
      "cve": "CVE-2018-21194",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21194",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016377",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2020-28270",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21194",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21194",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016377",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21194",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21194",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016377",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28270",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2256",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21194",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21194"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21194"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21194"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.34, R6100 before 1.0.1.20, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.34, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21194"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21194"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21194",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2256",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21194",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21194"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21194"
          }
        ]
      },
      "id": "VAR-202004-1705",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          }
        ],
        "trust": 1.274251435
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:01.174000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2601",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055163/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2601"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28270)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217555"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117348"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21194"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21194"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055163/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2601"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21194"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21194"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21194"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21194"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21194"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21194"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          },
          {
            "date": "2020-04-28T15:15:12.830000",
            "db": "NVD",
            "id": "CVE-2018-21194"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28270"
          },
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21194"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          },
          {
            "date": "2024-11-21T04:03:08.613000",
            "db": "NVD",
            "id": "CVE-2018-21194"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016377"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2256"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1366

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6100 before 1.0.1.14, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.52, WN3000RPv3 before 1.0.2.50, WNDR3700v4 before 1.0.2.88, WNDR3700v5 before 1.1.0.48, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.58, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1366",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          }
        ]
      },
      "cve": "CVE-2017-18764",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-18764",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014905",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18764",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18764",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014905",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18764",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18764",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014905",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1910",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6100 before 1.0.1.14, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.52, WN3000RPv3 before 1.0.2.50, WNDR3700v4 before 1.0.2.88, WNDR3700v5 before 1.1.0.48, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.58, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18764",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "id": "VAR-202004-1366",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4303076327777777
      },
      "last_update_date": "2024-11-23T22:44:36.363000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Command Injection on Some Routers, Gateways, and Extenders, PSV-2017-2210",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051481/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2210"
          },
          {
            "title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117246"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051481/security-advisory-for-pre-authentication-command-injection-on-some-routers-gateways-and-extenders-psv-2017-2210"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18764"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18764"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "date": "2020-04-22T16:15:11.497000",
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "date": "2024-11-21T03:20:51.747000",
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1660

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1660",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          }
        ]
      },
      "cve": "CVE-2018-21214",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21214",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016355",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46566",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21214",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21214",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016355",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21214",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21214",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016355",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46566",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2287",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21214",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21214",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "id": "VAR-202004-1660",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          }
        ],
        "trust": 1.269161487272727
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:36.002000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2488",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055123/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2488"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46566)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276376"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117379"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21214"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055123/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2488"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21214"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "date": "2020-04-28T16:15:14.107000",
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "date": "2020-05-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "date": "2024-11-21T04:03:11.730000",
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1702

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1702",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21191"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21191"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          }
        ]
      },
      "cve": "CVE-2018-21191",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21191",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016370",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2020-28267",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21191",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21191",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016370",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21191",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21191",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016370",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28267",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2255",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21191",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21191"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21191"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21191"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6100, etc. are all products of NETGEAR. NETGEAR D6100 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7800 prior to 1.0.2.40, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21191"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21191"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21191",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2255",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21191",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21191"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21191"
          }
        ]
      },
      "id": "VAR-202004-1702",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          }
        ],
        "trust": 1.3290474737499998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:35.942000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2604",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055166/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2604"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28267)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217561"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117347"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21191"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21191"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055166/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2604"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21191"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21191"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21191"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21191"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21191"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21191"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          },
          {
            "date": "2020-04-28T15:15:12.660000",
            "db": "NVD",
            "id": "CVE-2018-21191"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28267"
          },
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21191"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          },
          {
            "date": "2024-11-21T04:03:08.137000",
            "db": "NVD",
            "id": "CVE-2018-21191"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016370"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2255"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0787

    Vulnerability from variot - Updated: 2024-11-23 22:41

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D6100 prior to 1.0.0.63, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.2, R9000 prior to 1.0.4.2, WNDR3700v4 prior to 1.0.2.102, WNDR4300v1 prior to 1.0.2.104, WNDR4300v2 prior to 1.0.0.58, WNDR4500v3 prior to 1.0.0.58, WNR2000v5 prior to 1.0.0.68, and XR500 prior to 2.3.2.32

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0787",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20725"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "aircut",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20725",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20725",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015318",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20725",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20725",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015318",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20725",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20725",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015318",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1309",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-20725",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-20725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20725"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20725"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. This affects D3600 prior to 1.0.0.75, D6000 prior to 1.0.0.75, D6100 prior to 1.0.0.63, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.2, R9000 prior to 1.0.4.2, WNDR3700v4 prior to 1.0.2.102, WNDR4300v1 prior to 1.0.2.104, WNDR4300v2 prior to 1.0.0.58, WNDR4500v3 prior to 1.0.0.58, WNR2000v5 prior to 1.0.0.68, and XR500 prior to 2.3.2.32",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20725"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20725",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20725",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-20725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20725"
          }
        ]
      },
      "id": "VAR-202004-0787",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.42989337874999994
      },
      "last_update_date": "2024-11-23T22:41:07.571000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2018-0143",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061203/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0143"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116575"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20725"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000061203/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2018-0143"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20725"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20725"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2019-20725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20725"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2019-20725"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20725"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20725"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          },
          {
            "date": "2020-04-16T19:15:25.463000",
            "db": "NVD",
            "id": "CVE-2019-20725"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20725"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          },
          {
            "date": "2024-11-21T04:39:11.597000",
            "db": "NVD",
            "id": "CVE-2019-20725"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015318"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1309"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1669

    Vulnerability from variot - Updated: 2024-11-23 22:41

    Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D6100 prior to 1.0.0.57, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.78, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1669",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.114"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.42"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "ex8000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.114"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.34 1.0.70"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.62"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex8000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          }
        ]
      },
      "cve": "CVE-2018-21167",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2018-21167",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016392",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2018-21167",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2018-21167",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016392",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21167",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21167",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016392",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2209",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21167",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. This affects D6100 prior to 1.0.0.57, DM200 prior to 1.0.0.50, EX2700 prior to 1.0.1.32, EX6100v2 prior to 1.0.1.70, EX6150v2 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.62, EX6400 prior to 1.0.1.78, EX7300 prior to 1.0.1.78, EX8000 prior to 1.0.0.114, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.54, WNDR4500v3 prior to 1.0.0.54, and WNR2000v5 prior to 1.0.0.64",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21167",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21167",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "id": "VAR-202004-1669",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.3957455253846154
      },
      "last_update_date": "2024-11-23T22:41:06.396000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross-Site Scripting on Routers, Gateways, Extenders, and DSL Modems, PSV-2017-3093",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055191/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Routers-Gateways-Extenders-and-DSL-Modems-PSV-2017-3093"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117304"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055191/security-advisory-for-stored-cross-site-scripting-on-routers-gateways-extenders-and-dsl-modems-psv-2017-3093"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21167"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21167"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "date": "2020-04-27T18:15:12.670000",
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21167"
          },
          {
            "date": "2020-06-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          },
          {
            "date": "2024-11-21T04:03:04.040000",
            "db": "NVD",
            "id": "CVE-2018-21167"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016392"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2209"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1690

    Vulnerability from variot - Updated: 2024-11-23 22:41

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.30, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.30, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1690",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v4 1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v3 1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v5 1.0.0.62"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21179"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr4500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          }
        ]
      },
      "cve": "CVE-2018-21179",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2018-21179",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016388",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2020-28118",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21179",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21179",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016388",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21179",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21179",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016388",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28118",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2222",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21179",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21179"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21179"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21179"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.30, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D6100 prior to 1.0.0.57, D7800 prior to 1.0.1.30, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21179"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21179"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21179",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2222",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21179",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21179"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21179"
          }
        ]
      },
      "id": "VAR-202004-1690",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          }
        ],
        "trust": 1.2809049927272729
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:06.367000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2017-2620",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055179/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2620"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28118)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217405"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117314"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21179"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21179"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055179/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2017-2620"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21179"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21179"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21179"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21179"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21179"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21179"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          },
          {
            "date": "2020-04-27T21:15:13.203000",
            "db": "NVD",
            "id": "CVE-2018-21179"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28118"
          },
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21179"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          },
          {
            "date": "2024-11-21T04:03:06.250000",
            "db": "NVD",
            "id": "CVE-2018-21179"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016388"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2222"
          }
        ],
        "trust": 0.6
      }
    }