Search

Find a vulnerability

Search criteria

    43 vulnerabilities found for ex7000 by netgear

    VAR-202110-1807

    Vulnerability from variot - Updated: 2025-08-20 23:06

    NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.

    The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202110-1807",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.132"
          },
          {
            "model": "rax35v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "v6510-1fxaus",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.80"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.132"
          },
          {
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.68"
          },
          {
            "model": "raxe500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.8.70"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "rs400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.5.1.80"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.120"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "rax38v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.120"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "ms80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.10"
          },
          {
            "model": "rax48",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.70"
          },
          {
            "model": "xr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "rax50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.156"
          },
          {
            "model": "rax40v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.76"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.3.148"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "mr60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.122"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "rax43",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.106"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.126"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.128"
          },
          {
            "model": "ms60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.122"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "rax15",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "rax45",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "lax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.30"
          },
          {
            "model": "rax50s",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "rax42",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r7850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.76"
          },
          {
            "model": "raxe450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.8.70"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.3.148"
          },
          {
            "model": "rax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.156"
          },
          {
            "model": "mr80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.10"
          },
          {
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.132"
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex3700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "xr300",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ms60",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "xr1000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6130",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "lax20",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "mr80",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dc112a",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex3800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dgn2200v4",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ms80",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "mr60",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "v6510-1fxaus",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "multiple routers",
            "scope": null,
            "trust": 0.7,
            "vendor": "netgear",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34983"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Sungur Labs",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          }
        ],
        "trust": 1.3
      },
      "cve": "CVE-2021-34983",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "zdi-disclosures@trendmicro.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-34983",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "OTHER",
                "availabilityImpact": "None",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2021-021935",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-34983",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "zdi-disclosures@trendmicro.com",
                "id": "CVE-2021-34983",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2021-021935",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "ZDI",
                "id": "CVE-2021-34983",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202110-2191",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34983"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-34983"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "db": "ZDI",
            "id": "ZDI-21-1275"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-34983",
            "trust": 3.9
          },
          {
            "db": "ZDI",
            "id": "ZDI-21-1275",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-13708",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2191",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34983"
          }
        ]
      },
      "id": "VAR-202110-1807",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.42902259035714285
      },
      "last_update_date": "2025-08-20T23:06:15.645000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "NETGEAR has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167951"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-306",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34983"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159"
          },
          {
            "trust": 2.4,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-21-1275/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-34983"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34983"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34983"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-10-29T00:00:00",
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "date": "2025-08-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "date": "2021-10-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          },
          {
            "date": "2024-05-07T23:15:13.573000",
            "db": "NVD",
            "id": "CVE-2021-34983"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-10-29T00:00:00",
            "db": "ZDI",
            "id": "ZDI-21-1275"
          },
          {
            "date": "2025-08-18T05:10:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          },
          {
            "date": "2021-11-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          },
          {
            "date": "2025-08-14T01:40:56.983000",
            "db": "NVD",
            "id": "CVE-2021-34983"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vulnerability related to lack of authentication for important functions in multiple NETGEAR products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021935"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2191"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202110-1806

    Vulnerability from variot - Updated: 2025-08-16 23:08

    NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.

    The specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13709. DC112A firmware, EX3700 firmware, EX3800 Multiple Netgear products, including firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202110-1806",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rax35v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "v6510-1fxaus",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.80"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.132"
          },
          {
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.68"
          },
          {
            "model": "raxe500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.8.70"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "rs400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.5.1.80"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.120"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "rax38v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.120"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "ms80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.10"
          },
          {
            "model": "rax48",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.70"
          },
          {
            "model": "xr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "rax50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.156"
          },
          {
            "model": "rax40v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.126"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.76"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.3.148"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "mr60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.122"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "rax43",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.106"
          },
          {
            "model": "rax15",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "rax50s",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.128"
          },
          {
            "model": "ms60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.122"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "rax45",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.132"
          },
          {
            "model": "lax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.30"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "rax42",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r7850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.76"
          },
          {
            "model": "raxe450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.8.70"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.3.148"
          },
          {
            "model": "rax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.100"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.156"
          },
          {
            "model": "mr80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.10"
          },
          {
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.132"
          },
          {
            "model": "mr80",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6130",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7850",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6900p",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dc112a",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6400v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "mr60",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex3800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ms60",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7100lg",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6700v3",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ms80",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "lax20",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex3700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7000p",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "multiple routers",
            "scope": null,
            "trust": 0.7,
            "vendor": "netgear",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34982"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Sungur Labs",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          }
        ],
        "trust": 1.3
      },
      "cve": "CVE-2021-34982",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "zdi-disclosures@trendmicro.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-34982",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2021-021931",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-34982",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "zdi-disclosures@trendmicro.com",
                "id": "CVE-2021-34982",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2021-021931",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "ZDI",
                "id": "CVE-2021-34982",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202110-2193",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34982"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13709. DC112A firmware, EX3700 firmware, EX3800 Multiple Netgear products, including firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-34982"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "db": "ZDI",
            "id": "ZDI-21-1274"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-34982",
            "trust": 3.9
          },
          {
            "db": "ZDI",
            "id": "ZDI-21-1274",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-13709",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2193",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34982"
          }
        ]
      },
      "id": "VAR-202110-1806",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4290225903571429
      },
      "last_update_date": "2025-08-16T23:08:29.384000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "NETGEAR has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167952"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34982"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159"
          },
          {
            "trust": 2.4,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-21-1274/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-34982"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34982"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-34982"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-10-29T00:00:00",
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "date": "2025-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "date": "2021-10-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          },
          {
            "date": "2024-05-07T23:15:13.400000",
            "db": "NVD",
            "id": "CVE-2021-34982"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-10-29T00:00:00",
            "db": "ZDI",
            "id": "ZDI-21-1274"
          },
          {
            "date": "2025-08-15T07:39:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          },
          {
            "date": "2021-11-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          },
          {
            "date": "2025-08-14T01:41:19.343000",
            "db": "NVD",
            "id": "CVE-2021-34982"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Netgear products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-021931"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202110-2193"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201505-0408

    Vulnerability from variot - Updated: 2025-04-13 23:29

    Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. KCodes NetUSB The kernel driver contains a buffer overflow vulnerability. KCodes NetUSB Is Linux Connected to base embedded devices (home router products, etc.) USB Share devices on the network "USB over IP" To realize the function, Linux Kernel module. Buffer overflow (CWE-120) - CVE-2015-3036 http://cwe.mitre.org/data/definitions/120.html The client NetUSB The data to send when connecting to the server NetUSB A buffer overflow can occur because the kernel driver does not validate properly. For more information SEC Consult Please check the advisory for. SEC Consult Vulnerability Lab Security Advisory < 20150519-0 > https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt In addition, National Vulnerability Database (NVD) Then CWE-119 It is published as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer ( Buffer error ) http://cwe.mitre.org/data/definitions/119.htmlAn attacker on the local network caused a buffer overflow, resulting in a denial of service operation (DoS) An attacker may be able to attack or execute arbitrary code. Depending on the default settings of the device, a remote attack may be possible. KCodes NetUSB is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. SEC Consult Vulnerability Lab Security Advisory < 20150519-0 > ======================================================================= title: Kernel Stack Buffer Overflow product: KCodes NetUSB vulnerable version: see Vulnerable / tested versions fixed version: see Solution CVE number: CVE-2015-3036, VU#177092 impact: Critical homepage: http://www.kcodes.com/ found: 2015-02-23 by: Stefan Viehböck (Office Vienna) SEC Consult Vulnerability Lab

                     An integrated part of SEC Consult
                     Berlin - Frankfurt/Main - Montreal - Singapore
                     Vienna (HQ) - Vilnius - Zurich
    
                     https://www.sec-consult.com
    

    =======================================================================

    Vendor description:

    "The world's premier technology provider of mobile printing, audio and video communication, file sharing, and USB applications for iPhones, iPads, smart phones and tablets (Android and Windows), MacBooks, and Ultrabooks."

    Source: http://www.kcodes.com/

    Vulnerability overview/description:

    NetUSB suffers from a remotely exploitable kernel stack buffer overflow. Because of insufficient input validation, an overly long computer name can be used to overflow the "computer name" kernel stack buffer. This results in memory corruption which can be turned into arbitrary remote code execution.

    Furthermore, a more detailed summary of this advisory has been published at our blog: http://blog.sec-consult.com

    Proof of concept:

    Below is an excerpt from the vulnerable run_init_sbus() function (pseudo code):

    int computername_len; char computername_buf[64]; // connection initiation, handshake len = ks_recv(sock, &computername_len, 4, 0); // ... len = ks_recv(sock, computername_buf, computername_len, 0); // boom!

    A proof of concept "netusb_bof.py" has been developed which exploits the vulnerability. The PoC DoS exploit will not be published as many vendors did not patch the vulnerability yet.

    Example use that results in denial-of-service (kernel memory corruption that results in a device reboot): ./netusb_bof.py 192.168.1.1 20005 500

    Vulnerable / tested versions:

    The vulnerability has been verified to exist in most recent firmware versions of the following devives:

    TP-Link TL-WDR4300 V1 TP-Link WR1043ND v2 NETGEAR WNDR4500

    Furthermore we've identified NetUSB in the most recent firmware version of the following products (list is not necessarily complete!): D-Link DIR-615 C NETGEAR AC1450 NETGEAR CENTRIA (WNDR4700/4720) NETGEAR D6100 NETGEAR D6200 NETGEAR D6300 NETGEAR D6400 NETGEAR DC112A NETGEAR DC112A (Zain) NETGEAR DGND4000 NETGEAR EX6200 NETGEAR EX7000 NETGEAR JNR3000 NETGEAR JNR3210 NETGEAR JR6150 NETGEAR LG6100D NETGEAR PR2000 NETGEAR R6050 NETGEAR R6100 NETGEAR R6200 NETGEAR R6200v2 NETGEAR R6220 NETGEAR R6250 NETGEAR R6300v1 NETGEAR R6300v2 NETGEAR R6700 NETGEAR R7000 NETGEAR R7500 NETGEAR R7900 NETGEAR R8000 NETGEAR WN3500RP NETGEAR WNDR3700v5 NETGEAR WNDR4300 NETGEAR WNDR4300v2 NETGEAR WNDR4500 NETGEAR WNDR4500v2 NETGEAR WNDR4500v3 NETGEAR XAU2511 NETGEAR XAUB2511 TP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer C20 V1.0 (Not affected) TP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25) TP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22) TP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30) TP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30) TP-LINK Archer C7 V2.0 (Fix already released) TP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30) TP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31) TP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer VR200v V1.0 (Fix already released) TP-LINK TD-VG3511 V1.0 (End-Of-Life) TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31) TP-LINK TD-W1042ND V1.0 (End-Of-Life) TP-LINK TD-W1043ND V1.0 (End-Of-Life) TP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30) TP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25) TP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8970 V3.0 (Fix already released) TP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25) TP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W9980 V1.0 (Fix already released) TP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-WDR4900 V1.0 (End-Of-Life) TP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30) TP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR842ND V1.0 (End-Of-Life) TP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31) Trendnet TE100-MFP1 (v1.0R) Trendnet TEW-632BRP (A1.0R) Trendnet TEW-632BRP (A1.1R/A1.2R) Trendnet TEW-632BRP (A1.1R/A1.2R/A1.3R) Trendnet TEW-634GRU (v1.0R) Trendnet TEW-652BRP (V1.0R) Trendnet TEW-673GRU (v1.0R) Trendnet TEW-811DRU (v1.0R) Trendnet TEW-812DRU (v1.0R) Trendnet TEW-812DRU (v2.xR) Trendnet TEW-813DRU (v1.0R) Trendnet TEW-818DRU (v1.0R) Trendnet TEW-823DRU (v1.0R) Trendnet TEW-MFP1 (v1.0R) Zyxel NBG-419N v2 Zyxel NBG4615 v2 Zyxel NBG5615 Zyxel NBG5715

    Based on information embedded in KCodes drivers we believe the following vendors are affected: Allnet Ambir Technology AMIT Asante Atlantis Corega Digitus D-Link EDIMAX Encore Electronics Engenius Etop Hardlink Hawking IOGEAR LevelOne Longshine NETGEAR PCI PROLiNK Sitecom Taifa TP-LINK TRENDnet Western Digital ZyXEL

    Vendor contact timeline:

    2015-02-28: Contacting vendor through support@kcodes.com 2015-03-04: No response, contacting various KCodes addresses found on the web. 2015-03-05: Vendor responds, requests more information. 2015-03-05: Providing advisory and proof of concept exploit. 2015-03-16: No response, requesting status update. 2015-03-16: Vendor responds, asks about fix verification(?) 2015-03-16: Requesting clarification about fixing status and information about next steps. Proposing conference call dates. 2015-03-19: No response, informing that notification of CERT/CC and selected vendors will start shortly. Requesting clarification about fixing status and information about next steps again. 2015-03-19: Vendor responds, confirms conference call date (2015-03-25). No further information provided. 2015-03-19: Providing advisory and proof of concept exploit to TP-LINK and NETGEAR. 2015-03-25: Vendor cancels conference call on short notice (sudden week-long business trip). 2015-03-26: Asking for support of CERT/CC regarding vendor coordination. 2015-03 - 2015-05: Coordination between CERT & vendors, NETGEAR and TP-LINK 2015-05-13: Notifying German CERT-Bund and Austrian CERT.at 2015-05-19: Coordinated release of security advisory

    Solution:

    TP-LINK has started releasing fixed firmware. The status of affected products can be found in the affected product list above.

    For additional information also see CERT/CC vulnerability notice: http://www.kb.cert.org/vuls/id/177092

    Workaround:

    Sometimes NetUSB can be disabled via the web interface, but at least on NETGEAR devices this does not mitigate the vulnerability. NETGEAR told us, that there is no workaround available, the TCP port can't be firewalled nor is there a way to disable the service on their devices. It ensures the continued knowledge gain of SEC Consult in the field of network and application security to stay ahead of the attacker. The SEC Consult Vulnerability Lab supports high-quality penetration testing and the evaluation of new offensive and defensive technologies for our customers. Hence our customers obtain the most current information about vulnerabilities and valid recommendation about the risk profile of new technologies.

    Interested to work with the experts of SEC Consult?
    Send us your application https://www.sec-consult.com/en/Career.htm
    
    Interested in improving your cyber security with the experts of SEC Consult?
    Contact our local offices https://www.sec-consult.com/en/About/Contact.htm
    

    Mail: research at sec-consult dot com Web: https://www.sec-consult.com Blog: http://blog.sec-consult.com Twitter: https://twitter.com/sec_consult

    EOF Stefan Viehböck / @2015

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "netusb",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "kcodes",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-632brp",
            "scope": null,
            "trust": 1.2,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "kcodes",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "_id": null,
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-812dru",
            "scope": null,
            "trust": 0.6,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "nbg5715",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nbg5615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nbg4615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "v2"
          },
          {
            "_id": null,
            "model": "nbg-419n",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "v20"
          },
          {
            "_id": null,
            "model": "tew-mfp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-823dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-818dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-813dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-811dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-673gru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-652brp",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-634gru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "te100-mfp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tx-vg1530",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr842nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "tl-wr842nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr4300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr3600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr3500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr1045nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "tl-wr1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "tl-wr1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "td-wdr4900",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w9980b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w9980",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8980b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8980",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8970b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8970",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8970",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w1042nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-vg3631",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-vg3511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer vr200v",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d7b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "archer c20i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "xaub2511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "xau2511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500v3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4300v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr3700v5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wn3500rp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r8000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7900",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6700",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6300v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6300v1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6250",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6220",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6200v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6050",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "lg6100d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jnr3000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dgnd4000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dc112a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "centria wndr4720",
            "scope": null,
            "trust": 0.3,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "centria wndr4700",
            "scope": null,
            "trust": 0.3,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "netusb",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kcodes",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dir-685",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "d link",
            "version": "2.00"
          },
          {
            "_id": null,
            "model": "dir-615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "d link",
            "version": "3.13"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:misc:multiple_vendors",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Stefan Viehb\u00f6ck from SEC Consult Vulnerability Lab",
        "sources": [
          {
            "db": "BID",
            "id": "74724"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-3036",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-3036",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "availabilityRequirement": "NOT DEFINED",
                "baseScore": 5.7,
                "collateralDamagePotential": "NOT DEFINED",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT DEFINED",
                "enviromentalScore": 3.7,
                "exploitability": "PROOF-OF-CONCEPT",
                "exploitabilityScore": 5.5,
                "id": "CVE-2015-3036",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "integrityRequirement": "NOT DEFINED",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "remediationLevel": "WORKAROUND",
                "reportConfidence": "CONFIRMED",
                "severity": "MEDIUM",
                "targetDistribution": "MEDIUM",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vector_string": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-3036",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-3036",
                "trust": 0.8,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-3036",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201505-429",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-3036",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. KCodes NetUSB The kernel driver contains a buffer overflow vulnerability. KCodes NetUSB Is Linux Connected to base embedded devices (home router products, etc.) USB Share devices on the network \"USB over IP\" To realize the function, Linux Kernel module. Buffer overflow (CWE-120) - CVE-2015-3036 http://cwe.mitre.org/data/definitions/120.html The client NetUSB The data to send when connecting to the server NetUSB A buffer overflow can occur because the kernel driver does not validate properly. For more information SEC Consult Please check the advisory for. SEC Consult Vulnerability Lab Security Advisory \u003c 20150519-0 \u003e https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt In addition, National Vulnerability Database (NVD) Then CWE-119 It is published as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer ( Buffer error ) http://cwe.mitre.org/data/definitions/119.htmlAn attacker on the local network caused a buffer overflow, resulting in a denial of service operation (DoS) An attacker may be able to attack or execute arbitrary code. Depending on the default settings of the device, a remote attack may be possible. KCodes NetUSB is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. SEC Consult Vulnerability Lab Security Advisory \u003c 20150519-0 \u003e\n=======================================================================\n              title: Kernel Stack Buffer Overflow\n            product: KCodes NetUSB\n vulnerable version: see Vulnerable / tested versions\n      fixed version: see Solution\n         CVE number: CVE-2015-3036, VU#177092\n             impact: Critical\n           homepage: http://www.kcodes.com/\n              found: 2015-02-23\n                 by: Stefan Viehb\u00f6ck (Office Vienna)\n                     SEC Consult Vulnerability Lab\n\n                     An integrated part of SEC Consult\n                     Berlin - Frankfurt/Main - Montreal - Singapore\n                     Vienna (HQ) - Vilnius - Zurich\n\n                     https://www.sec-consult.com\n\n=======================================================================\n\nVendor description:\n-------------------\n\"The world\u0027s premier technology provider of mobile printing, audio and\nvideo communication, file sharing, and USB applications for iPhones,\niPads, smart phones and tablets (Android and Windows), MacBooks, and\nUltrabooks.\"\n\nSource: http://www.kcodes.com/\n\n\nVulnerability overview/description:\n-----------------------------------\nNetUSB suffers from a remotely exploitable kernel stack buffer overflow. \nBecause of insufficient input validation, an overly long computer name can be\nused to overflow the \"computer name\" kernel stack buffer. This results in\nmemory corruption which can be turned into arbitrary remote code execution. \n\nFurthermore, a more detailed summary of this advisory has been published at our\nblog: http://blog.sec-consult.com\n\n\nProof of concept:\n-----------------\nBelow is an excerpt from the vulnerable run_init_sbus() function (pseudo code):\n\nint computername_len;\nchar computername_buf[64];\n// connection initiation, handshake\nlen = ks_recv(sock, \u0026computername_len, 4, 0);\n// ... \nlen = ks_recv(sock, computername_buf, computername_len, 0); // boom!\n\nA proof of concept \"netusb_bof.py\" has been developed which exploits the\nvulnerability. The PoC DoS exploit will not be published as many vendors\ndid not patch the vulnerability yet. \n\nExample use that results in denial-of-service (kernel memory corruption that\nresults in a device reboot):\n./netusb_bof.py 192.168.1.1 20005 500\n\n\nVulnerable / tested versions:\n-----------------------------\nThe vulnerability has been verified to exist in most recent firmware versions\nof the following devives:\n\nTP-Link TL-WDR4300 V1\nTP-Link WR1043ND v2\nNETGEAR WNDR4500\n\nFurthermore we\u0027ve identified NetUSB in the most recent firmware version of the\nfollowing products (list is not necessarily complete!):\nD-Link DIR-615 C\nNETGEAR AC1450\nNETGEAR CENTRIA (WNDR4700/4720)\nNETGEAR D6100\nNETGEAR D6200\nNETGEAR D6300\nNETGEAR D6400\nNETGEAR DC112A\nNETGEAR DC112A (Zain)\nNETGEAR DGND4000\nNETGEAR EX6200\nNETGEAR EX7000\nNETGEAR JNR3000\nNETGEAR JNR3210\nNETGEAR JR6150\nNETGEAR LG6100D\nNETGEAR PR2000\nNETGEAR R6050\nNETGEAR R6100\nNETGEAR R6200\nNETGEAR R6200v2\nNETGEAR R6220\nNETGEAR R6250\nNETGEAR R6300v1\nNETGEAR R6300v2\nNETGEAR R6700\nNETGEAR R7000\nNETGEAR R7500\nNETGEAR R7900\nNETGEAR R8000\nNETGEAR WN3500RP\nNETGEAR WNDR3700v5\nNETGEAR WNDR4300\nNETGEAR WNDR4300v2\nNETGEAR WNDR4500\nNETGEAR WNDR4500v2\nNETGEAR WNDR4500v3\nNETGEAR XAU2511\nNETGEAR XAUB2511\nTP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer C20 V1.0 (Not affected)\nTP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22)\nTP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C7 V2.0 (Fix already released)\nTP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31)\nTP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer VR200v V1.0 (Fix already released)\nTP-LINK TD-VG3511 V1.0 (End-Of-Life)\nTP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31)\nTP-LINK TD-W1042ND V1.0 (End-Of-Life)\nTP-LINK TD-W1043ND V1.0 (End-Of-Life)\nTP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25)\nTP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8970 V3.0 (Fix already released)\nTP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25)\nTP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W9980 V1.0 (Fix already released)\nTP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-WDR4900 V1.0 (End-Of-Life)\nTP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR842ND V1.0 (End-Of-Life)\nTP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31)\nTrendnet TE100-MFP1 (v1.0R)\nTrendnet TEW-632BRP (A1.0R)\nTrendnet TEW-632BRP (A1.1R/A1.2R)\nTrendnet TEW-632BRP (A1.1R/A1.2R/A1.3R)\nTrendnet TEW-634GRU (v1.0R)\nTrendnet TEW-652BRP (V1.0R)\nTrendnet TEW-673GRU (v1.0R)\nTrendnet TEW-811DRU (v1.0R)\nTrendnet TEW-812DRU (v1.0R)\nTrendnet TEW-812DRU (v2.xR)\nTrendnet TEW-813DRU (v1.0R)\nTrendnet TEW-818DRU (v1.0R)\nTrendnet TEW-823DRU (v1.0R)\nTrendnet TEW-MFP1 (v1.0R)\nZyxel NBG-419N v2\nZyxel NBG4615 v2\nZyxel NBG5615\nZyxel NBG5715\n\nBased on information embedded in KCodes drivers we believe the following\nvendors are affected:\nAllnet\nAmbir Technology\nAMIT\nAsante\nAtlantis\nCorega\nDigitus\nD-Link\nEDIMAX\nEncore Electronics\nEngenius\nEtop\nHardlink\nHawking\nIOGEAR\nLevelOne\nLongshine\nNETGEAR\nPCI\nPROLiNK\nSitecom\nTaifa\nTP-LINK\nTRENDnet\nWestern Digital\nZyXEL\n\n\nVendor contact timeline:\n------------------------\n2015-02-28: Contacting vendor through support@kcodes.com\n2015-03-04: No response, contacting various KCodes addresses found on the web. \n2015-03-05: Vendor responds, requests more information. \n2015-03-05: Providing advisory and proof of concept exploit. \n2015-03-16: No response, requesting status update. \n2015-03-16: Vendor responds, asks about fix verification(?)\n2015-03-16: Requesting clarification about fixing status and information about\n            next steps. Proposing conference call dates. \n2015-03-19: No response, informing that notification of CERT/CC and selected\n            vendors will start shortly. Requesting clarification about fixing\n            status and information about next steps again. \n2015-03-19: Vendor responds, confirms conference call date (2015-03-25). No\n            further information provided. \n2015-03-19: Providing advisory and proof of concept exploit to TP-LINK and\n            NETGEAR. \n2015-03-25: Vendor cancels conference call on short notice (sudden week-long\n            business trip). \n2015-03-26: Asking for support of CERT/CC regarding vendor coordination. \n2015-03 - 2015-05: Coordination between CERT \u0026 vendors, NETGEAR and TP-LINK\n2015-05-13: Notifying German CERT-Bund and Austrian CERT.at\n2015-05-19: Coordinated release of security advisory\n\n\nSolution:\n---------\nTP-LINK has started releasing fixed firmware. The status of affected products\ncan be found in the affected product list above. \n\nFor additional information also see CERT/CC vulnerability notice:\nhttp://www.kb.cert.org/vuls/id/177092\n\n\nWorkaround:\n-----------\nSometimes NetUSB can be disabled via the web interface, but at least on NETGEAR\ndevices this does not mitigate the vulnerability. NETGEAR told us, that there is\nno workaround available, the TCP port can\u0027t be firewalled nor is there a way to\ndisable the service on their devices. It\nensures the continued knowledge gain of SEC Consult in the field of network\nand application security to stay ahead of the attacker. The SEC Consult\nVulnerability Lab supports high-quality penetration testing and the evaluation\nof new offensive and defensive technologies for our customers. Hence our\ncustomers obtain the most current information about vulnerabilities and valid\nrecommendation about the risk profile of new technologies. \n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nInterested to work with the experts of SEC Consult?\nSend us your application https://www.sec-consult.com/en/Career.htm\n\nInterested in improving your cyber security with the experts of SEC Consult?\nContact our local offices https://www.sec-consult.com/en/About/Contact.htm\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMail: research at sec-consult dot com\nWeb: https://www.sec-consult.com\nBlog: http://blog.sec-consult.com\nTwitter: https://twitter.com/sec_consult\n\nEOF Stefan Viehb\u00f6ck / @2015\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          },
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          }
        ],
        "trust": 2.79
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.kb.cert.org/vuls/id/177092",
            "trust": 0.8,
            "type": "poc"
          },
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38566",
            "trust": 0.2,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#177092",
            "trust": 3.7
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "74724",
            "trust": 1.4
          },
          {
            "db": "PACKETSTORM",
            "id": "131987",
            "trust": 1.2
          },
          {
            "db": "SECTRACK",
            "id": "1032377",
            "trust": 1.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133919",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "38566",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "38454",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU90185396",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "trust": 0.6
          },
          {
            "db": "DLINK",
            "id": "SAP10057",
            "trust": 0.3
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "id": "VAR-201505-0408",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5346243894594594
      },
      "last_update_date": "2025-04-13T23:29:37.607000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "USB Over IP (NetUSB)",
            "trust": 0.8,
            "url": "http://www.kcodes.com/product/usb_01.html"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2015/05/20/netusb_router_fail/"
          },
          {
            "title": "TD-W8970-NetUSB-Fix-v1-",
            "trust": 0.1,
            "url": "https://github.com/Leproide/TD-W8970-NetUSB-Fix-v1- "
          },
          {
            "title": "NetUSB-exploit",
            "trust": 0.1,
            "url": "https://github.com/funsecurity/NetUSB-exploit "
          },
          {
            "title": "MiraiSecurity",
            "trust": 0.1,
            "url": "https://github.com/pandazheng/MiraiSecurity "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/details-surface-on-unpatched-kcodes-netusb-bug/112910/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.6,
            "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_kcodes_netusb_kernel_stack_buffer_overflow_v10.txt"
          },
          {
            "trust": 3.3,
            "url": "http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html"
          },
          {
            "trust": 2.9,
            "url": "http://www.kb.cert.org/vuls/id/177092"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/74724"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/38566/"
          },
          {
            "trust": 1.1,
            "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10057"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/131987/kcodes-netusb-buffer-overflow.html"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2015/may/74"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1032377"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/133919/netusb-stack-buffer-overflow.html"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2015/oct/50"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/38454/"
          },
          {
            "trust": 0.8,
            "url": "http://kb.netgear.com/app/answers/detail/a_id/28393/"
          },
          {
            "trust": 0.8,
            "url": "http://www.trendnet.com/support/view.asp?cat=4\u0026id=58"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3036"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90185396/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3036"
          },
          {
            "trust": 0.3,
            "url": "http://www.kcodes.com/product/usb_01.html"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/funsecurity/netusb-exploit"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/leproide/td-w8970-netusb-fix-v1-"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/career.htm"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3036"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/about/contact.htm"
          },
          {
            "trust": 0.1,
            "url": "https://twitter.com/sec_consult"
          },
          {
            "trust": 0.1,
            "url": "http://blog.sec-consult.com"
          },
          {
            "trust": 0.1,
            "url": "http://www.kcodes.com/"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/vulnerability-lab/advisories.htm"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131987",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-05-19T00:00:00",
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "date": "2015-05-19T00:00:00",
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "date": "2015-05-21T14:44:44",
            "db": "PACKETSTORM",
            "id": "131987",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "date": "2015-05-21T01:59:27.087000",
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-06-05T00:00:00",
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "date": "2016-12-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "date": "2015-12-08T22:03:00",
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "date": "2015-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "KCodes NetUSB kernel driver is vulnerable to buffer overflow",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1636

    Vulnerability from variot - Updated: 2024-11-23 23:11

    plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1636",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.14"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.18"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.34"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "d500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "d1500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.22"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.22"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.82_1.1.117"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.6"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34_1.0.70"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.94"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d1500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          }
        ]
      },
      "cve": "CVE-2018-21231",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21231",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016407",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21231",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2018-21231",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.4,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016407",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21231",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21231",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016407",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2129",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21231",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          }
        ],
        "trust": 0.81
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21231",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21231",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "id": "VAR-202004-1636",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4058950425581395
      },
      "last_update_date": "2024-11-23T23:11:26.757000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Routers, Gateways, and Extenders, PSV-2016-0102",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
          },
          {
            "title": "Multiple NETGEAR Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117052"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055103/security-advisory-for-security-misconfiguration-on-some-routers-gateways-and-extenders-psv-2016-0102"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21231"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21231"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "date": "2020-04-24T15:15:13.003000",
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "date": "2024-11-21T04:03:14.407000",
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1350

    Vulnerability from variot - Updated: 2024-11-23 23:07

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46. plural NETGEAR An unspecified vulnerability exists in the device.Information may be tampered with. NETGEAR EX7000, etc. are all a wireless network signal extender of NETGEAR company. No detailed vulnerability details are currently provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1350",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.16"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "ex6130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.16"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "wn2500rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.46"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18746"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2500rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          }
        ]
      },
      "cve": "CVE-2017-18746",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-18746",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014935",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-57162",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18746",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18746",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014935",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18746",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18746",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014935",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-57162",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2005",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18746"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18746"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46. plural NETGEAR An unspecified vulnerability exists in the device.Information may be tampered with. NETGEAR EX7000, etc. are all a wireless network signal extender of NETGEAR company. No detailed vulnerability details are currently provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18746"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18746",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2005",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18746"
          }
        ]
      },
      "id": "VAR-202004-1350",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          }
        ],
        "trust": 0.9540767866666666
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:07:58.740000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Extenders, PSV-2016-0253",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051508/Security-Advisory-for-Security-Misconfiguration-on-Some-Extenders-PSV-2016-0253"
          },
          {
            "title": "Patch for NETGEAR has an unspecified vulnerability (CNVD-2021-57162)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/283606"
          },
          {
            "title": "Multiple NETGEAR Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116765"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18746"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18746"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051508/security-advisory-for-security-misconfiguration-on-some-extenders-psv-2016-0253"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18746"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18746"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18746"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          },
          {
            "date": "2020-04-23T16:15:12.807000",
            "db": "NVD",
            "id": "CVE-2017-18746"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-57162"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          },
          {
            "date": "2024-11-21T03:20:49.290000",
            "db": "NVD",
            "id": "CVE-2017-18746"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014935"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2005"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2302

    Vulnerability from variot - Updated: 2024-11-23 23:03

    Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.68, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. This affects EAX80 prior to 1.0.1.62, EX7000 prior to 1.0.1.104, R6120 prior to 1.0.0.76, R6220 prior to 1.1.0.110, R6230 prior to 1.1.0.110, R6260 prior to 1.1.0.78, R6850 prior to 1.1.0.78, R6350 prior to 1.1.0.78, R6330 prior to 1.1.0.78, R6800 prior to 1.2.0.76, R6900v2 prior to 1.2.0.76, R6700v2 prior to 1.2.0.76, R7000 prior to 1.0.11.116, R6900P prior to 1.3.3.140, R7000P prior to 1.3.3.140, R7200 prior to 1.2.0.76, R7350 prior to 1.2.0.76, R7400 prior to 1.2.0.76, R7450 prior to 1.2.0.76, AC2100 prior to 1.2.0.76, AC2400 prior to 1.2.0.76, AC2600 prior to 1.2.0.76, R7900 prior to 1.0.4.38, R7960P prior to 1.4.1.66, R8000 prior to 1.0.4.68, R7900P prior to 1.4.1.66, R8000P prior to 1.4.1.66, RAX15 prior to 1.0.2.82, RAX20 prior to 1.0.2.82, RAX200 prior to 1.0.3.106, RAX45 prior to 1.0.2.72, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.3.106, and RAX80 prior to 1.0.3.106

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2302",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rax45",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.72"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.38"
          },
          {
            "model": "ac2100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.106"
          },
          {
            "model": "r7350",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r6350",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.78"
          },
          {
            "model": "ac2400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.68"
          },
          {
            "model": "rax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.82"
          },
          {
            "model": "ac2600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.3.140"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r6330",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.78"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.66"
          },
          {
            "model": "r7200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.116"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.66"
          },
          {
            "model": "rax15",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.82"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.110"
          },
          {
            "model": "eax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "r7400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.104"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.66"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.110"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.3.140"
          },
          {
            "model": "rax50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.72"
          },
          {
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.106"
          },
          {
            "model": "r6850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.78"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.78"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.106"
          },
          {
            "model": "r6850",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6350",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6260",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "eax80",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6330",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6230",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45647"
          }
        ]
      },
      "cve": "CVE-2021-45647",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-45647",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-45647",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-45647",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45647",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45647",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45647",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45647",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2441",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45647"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45647"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.68, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. This affects EAX80 prior to 1.0.1.62, EX7000 prior to 1.0.1.104, R6120 prior to 1.0.0.76, R6220 prior to 1.1.0.110, R6230 prior to 1.1.0.110, R6260 prior to 1.1.0.78, R6850 prior to 1.1.0.78, R6350 prior to 1.1.0.78, R6330 prior to 1.1.0.78, R6800 prior to 1.2.0.76, R6900v2 prior to 1.2.0.76, R6700v2 prior to 1.2.0.76, R7000 prior to 1.0.11.116, R6900P prior to 1.3.3.140, R7000P prior to 1.3.3.140, R7200 prior to 1.2.0.76, R7350 prior to 1.2.0.76, R7400 prior to 1.2.0.76, R7450 prior to 1.2.0.76, AC2100 prior to 1.2.0.76, AC2400 prior to 1.2.0.76, AC2600 prior to 1.2.0.76, R7900 prior to 1.0.4.38, R7960P prior to 1.4.1.66, R8000 prior to 1.0.4.68, R7900P prior to 1.4.1.66, R8000P prior to 1.4.1.66, RAX15 prior to 1.0.2.82, RAX20 prior to 1.0.2.82, RAX200 prior to 1.0.3.106, RAX45 prior to 1.0.2.72, RAX50 prior to 1.0.2.72, RAX75 prior to 1.0.3.106, and RAX80 prior to 1.0.3.106",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45647"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45647"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45647",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2441",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45647",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45647"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45647"
          }
        ]
      },
      "id": "VAR-202112-2302",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.38866162
      },
      "last_update_date": "2024-11-23T23:03:57.971000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Sensitive\u00a0Information\u00a0Disclosure\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Extenders,\u00a0PSV-2020-0184",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064118/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Extenders-PSV-2020-0184"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176203"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.0
          },
          {
            "problemtype": "information leak (CWE-200) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45647"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064118/security-advisory-for-sensitive-information-disclosure-on-some-routers-and-extenders-psv-2020-0184"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45647"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45647"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45647"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45647"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45647"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45647"
          },
          {
            "date": "2023-01-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          },
          {
            "date": "2021-12-26T01:15:19.963000",
            "db": "NVD",
            "id": "CVE-2021-45647"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45647"
          },
          {
            "date": "2023-01-25T01:50:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          },
          {
            "date": "2022-01-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          },
          {
            "date": "2024-11-21T06:32:46.533000",
            "db": "NVD",
            "id": "CVE-2021-45647"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Device information disclosure vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017539"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2441"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0753

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0753",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.28"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.10"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "dgnd2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgnd2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "dgnd2200bv4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.110"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20733"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          }
        ]
      },
      "cve": "CVE-2019-20733",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20733",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015450",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2021-61059",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20733",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20733",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015450",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20733",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20733",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015450",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-61059",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1344",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1344"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20733"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20733"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20733"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20733",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1344",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1344"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20733"
          }
        ]
      },
      "id": "VAR-202004-0753",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          }
        ],
        "trust": 1.1024362164864865
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:25.029000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2017",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61059)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/285361"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20733"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20733"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061193/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2017"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20733"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1344"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20733"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1344"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20733"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1344"
          },
          {
            "date": "2020-04-16T20:15:13.490000",
            "db": "NVD",
            "id": "CVE-2019-20733"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61059"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1344"
          },
          {
            "date": "2024-11-21T04:39:12.980000",
            "db": "NVD",
            "id": "CVE-2019-20733"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015450"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1344"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0900

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Certain NETGEAR devices are affected by CSRF. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, and WN2500RPv2 before 1.0.1.54. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR EX7000, etc. NETGEAR EX7000 is a wireless network signal extender. NETGEAR EX6200 is a wireless network signal extender. NETGEAR D3600 is a wireless modem. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send an unexpected request to the server through the affected client

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0900",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "ex6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20691"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Niemand",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20691",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-20691",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015394",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-30756",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20691",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20691",
                "impactScore": 5.5,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015394",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20691",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20691",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015394",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-30756",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1275",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20691"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20691"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by CSRF. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, and WN2500RPv2 before 1.0.1.54. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR EX7000, etc. NETGEAR EX7000 is a wireless network signal extender. NETGEAR EX6200 is a wireless network signal extender. NETGEAR D3600 is a wireless modem. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send an unexpected request to the server through the affected client",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20691"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20691",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1275",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20691"
          }
        ]
      },
      "id": "VAR-202004-0900",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          }
        ],
        "trust": 1.1005045833333333
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:24.876000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Cross Site Request Forgery on Some Gateways and Extenders, PSV-2017-2747",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061448/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Gateways-and-Extenders-PSV-2017-2747"
          },
          {
            "title": "Patch for Multiple NETGEAR products cross-site request forgery vulnerability (CNVD-2020-30756)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219513"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20691"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20691"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061448/security-advisory-for-cross-site-request-forgery-on-some-gateways-and-extenders-psv-2017-2747"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20691"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20691"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20691"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          },
          {
            "date": "2020-04-16T19:15:23.447000",
            "db": "NVD",
            "id": "CVE-2019-20691"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30756"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          },
          {
            "date": "2024-11-21T04:39:05.687000",
            "db": "NVD",
            "id": "CVE-2019-20691"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site request forgery vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015394"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1275"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2309

    Vulnerability from variot - Updated: 2024-11-23 23:00

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6700v3 prior to 1.0.2.66, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR20 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBR50 prior to 2.3.0.32, RBS20 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.56, and XR500 prior to 2.3.2.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2309",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.34"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "dgn2200bv4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.109"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.56"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "xr450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.56"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.44"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.53"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d8500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dc112a",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "cve": "CVE-2021-45640",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-45640",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2021-45640",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 0.5,
                "id": "CVE-2021-45640",
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45640",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45640",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45640",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45640",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2436",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6700v3 prior to 1.0.2.66, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR20 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBR50 prior to 2.3.0.32, RBS20 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.56, and XR500 prior to 2.3.2.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45640"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45640",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45640",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "id": "VAR-202112-2309",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.43955887916666675
      },
      "last_update_date": "2024-11-23T23:00:59.703000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Security\u00a0Misconfiguration\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0228",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064045/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0228"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176674"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064045/security-advisory-for-security-misconfiguration-on-some-routers-extenders-and-wifi-systems-psv-2018-0228"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45640"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "date": "2023-01-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "date": "2021-12-26T01:15:19.643000",
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45640"
          },
          {
            "date": "2023-01-24T05:26:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          },
          {
            "date": "2022-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          },
          {
            "date": "2024-11-21T06:32:45.090000",
            "db": "NVD",
            "id": "CVE-2021-45640"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017516"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2436"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1351

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR. The vulnerability stems from the network system or product not correctly verifying the input data. No detailed vulnerability details are currently provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1351",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.16"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "ex6130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.16"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "wn2500rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2500rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          }
        ]
      },
      "cve": "CVE-2017-18747",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-18747",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014866",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-50920",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18747",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18747",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014866",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18747",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18747",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014866",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-50920",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1988",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR. The vulnerability stems from the network system or product not correctly verifying the input data. No detailed vulnerability details are currently provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18747",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "id": "VAR-202004-1351",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          }
        ],
        "trust": 1.208484782
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:18.644000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Extenders, PSV-2016-0115",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051507/Security-Advisory-for-Security-Misconfiguration-on-Some-Extenders-PSV-2016-0115"
          },
          {
            "title": "Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-50920)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/279126"
          },
          {
            "title": "Multiple NETGEAR Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116751"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18747"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051507/security-advisory-for-security-misconfiguration-on-some-extenders-psv-2016-0115"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18747"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "date": "2020-04-23T16:15:12.883000",
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "date": "2024-11-21T03:20:49.440000",
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Input verification vulnerabilities on devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2328

    Vulnerability from variot - Updated: 2024-11-23 22:57

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 3.2.18.2, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, EX3700 prior to 1.0.0.94, EX3800 prior to 1.0.0.94, EX6120 prior to 1.0.0.64, EX6130 prior to 1.0.0.44, EX7000 prior to 1.0.1.104, EX7500 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6300v2 prior to 1.0.4.52, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.106, R6700v3 prior to 1.0.4.106, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.126, R7000P prior to 1.3.3.140, R7100LG prior to 1.0.0.72, R7850 prior to 1.0.5.74, R7900 prior to 1.0.4.46, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.74, R8000P prior to 1.4.2.84, R8300 prior to 1.0.2.154, R8500 prior to 1.0.2.154, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2328",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rbr750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "mr60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.6.116"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ms60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.6.116"
          },
          {
            "model": "rax45",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.96"
          },
          {
            "model": "rax15",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.96"
          },
          {
            "model": "rbk752",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "eax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rax43",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.96"
          },
          {
            "model": "cbr750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.18.2"
          },
          {
            "model": "eax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "rbr850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "r7850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.74"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.46"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.120"
          },
          {
            "model": "rs400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.5.1.80"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.154"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.3.140"
          },
          {
            "model": "rbs750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "cbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.0.24"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.106"
          },
          {
            "model": "xr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rbs850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "rax50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.96"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "rax40v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.96"
          },
          {
            "model": "lax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.6.28"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.3.140"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "rax35v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.96"
          },
          {
            "model": "rbk852",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.120"
          },
          {
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.68"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.74"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.154"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.52"
          },
          {
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.2.84"
          },
          {
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.120"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.104"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.126"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "rax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.96"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.106"
          },
          {
            "model": "rax35v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "eax20",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "cbr750",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rax200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rax20",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rax40v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rax15",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "eax80",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "cbr40",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rax43",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45621"
          }
        ]
      },
      "cve": "CVE-2021-45621",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-45621",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-45621",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 9.6,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-45621",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45621",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45621",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45621",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45621",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2417",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45621"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45621"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 3.2.18.2, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, EX3700 prior to 1.0.0.94, EX3800 prior to 1.0.0.94, EX6120 prior to 1.0.0.64, EX6130 prior to 1.0.0.44, EX7000 prior to 1.0.1.104, EX7500 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6300v2 prior to 1.0.4.52, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.106, R6700v3 prior to 1.0.4.106, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.126, R7000P prior to 1.3.3.140, R7100LG prior to 1.0.0.72, R7850 prior to 1.0.5.74, R7900 prior to 1.0.4.46, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.74, R8000P prior to 1.4.2.84, R8300 prior to 1.0.2.154, R8500 prior to 1.0.2.154, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45621"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45621",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2417",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45621",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45621"
          }
        ]
      },
      "id": "VAR-202112-2328",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.3596940220833333
      },
      "last_update_date": "2024-11-23T22:57:50.345000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0562",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562"
          },
          {
            "title": "Netgear RBR750  and NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176396"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "Command injection (CWE-77) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45621"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064523/security-advisory-for-pre-authentication-command-injection-on-some-routers-extenders-and-wifi-systems-psv-2020-0562"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45621"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45621"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45621"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45621"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45621"
          },
          {
            "date": "2023-01-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          },
          {
            "date": "2021-12-26T01:15:18.757000",
            "db": "NVD",
            "id": "CVE-2021-45621"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45621"
          },
          {
            "date": "2023-01-25T02:07:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          },
          {
            "date": "2022-01-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          },
          {
            "date": "2024-11-21T06:32:41.920000",
            "db": "NVD",
            "id": "CVE-2021-45621"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017547"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2417"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1186

    Vulnerability from variot - Updated: 2024-11-23 22:54

    Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1186",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.186"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.36"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.40"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.42"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "jr6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex8000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "pr2000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6020",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "cve": "CVE-2020-35787",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2020-35787",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.0,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.1,
                "id": "CVE-2020-35787",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.0,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-014979",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35787",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35787",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35787",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1789",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35787",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "id": "VAR-202012-1186",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.36104530079999997
      },
      "last_update_date": "2024-11-23T22:54:56.981000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Range\u00a0Extenders,\u00a0PSV-2018-0379",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379"
          },
          {
            "title": "NETGEAR Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138158"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062710/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-and-range-extenders-psv-2018-0379"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35787"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "date": "2020-12-30T00:15:13.533000",
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T06:17:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "date": "2021-01-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "date": "2024-11-21T05:28:05.810000",
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2196

    Vulnerability from variot - Updated: 2024-11-23 22:54

    Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400 before 1.0.1.50, R6400v2 before 1.0.4.118, R6700 before 1.0.2.8, R6700v3 before 1.0.4.118, R6900 before 1.0.2.8, R6900P before 1.3.2.124, R7000 before 1.0.9.88, R7000P before 1.3.2.124, R7900 before 1.0.3.18, R7900P before 1.4.1.50, R8000 before 1.0.4.46, R8000P before 1.4.1.50, RAX80 before 1.0.1.56, and WNR3500Lv2 before 1.2.0.62. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects EX7000 prior to 1.0.1.80, R6400 prior to 1.0.1.50, R6400v2 prior to 1.0.4.118, R6700 prior to 1.0.2.8, R6700v3 prior to 1.0.4.118, R6900 prior to 1.0.2.8, R6900P prior to 1.3.2.124, R7000 prior to 1.0.9.88, R7000P prior to 1.3.2.124, R7900 prior to 1.0.3.18, R7900P prior to 1.4.1.50, R8000 prior to 1.0.4.46, R8000P prior to 1.4.1.50, RAX80 prior to 1.0.1.56, and WNR3500Lv2 prior to 1.2.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2196",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.18"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.88"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.46"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.8"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.118"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.118"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.80"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.8"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "r7000p",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7900",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6900p",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6700v3",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6400v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6900",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45525"
          }
        ]
      },
      "cve": "CVE-2021-45525",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-45525",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-45525",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2021-45525",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45525",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45525",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45525",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45525",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2343",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-45525",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45525"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45525"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45525"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400 before 1.0.1.50, R6400v2 before 1.0.4.118, R6700 before 1.0.2.8, R6700v3 before 1.0.4.118, R6900 before 1.0.2.8, R6900P before 1.3.2.124, R7000 before 1.0.9.88, R7000P before 1.3.2.124, R7900 before 1.0.3.18, R7900P before 1.4.1.50, R8000 before 1.0.4.46, R8000P before 1.4.1.50, RAX80 before 1.0.1.56, and WNR3500Lv2 before 1.2.0.62. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects EX7000 prior to 1.0.1.80, R6400 prior to 1.0.1.50, R6400v2 prior to 1.0.4.118, R6700 prior to 1.0.2.8, R6700v3 prior to 1.0.4.118, R6900 prior to 1.0.2.8, R6900P prior to 1.3.2.124, R7000 prior to 1.0.9.88, R7000P prior to 1.3.2.124, R7900 prior to 1.0.3.18, R7900P prior to 1.4.1.50, R8000 prior to 1.0.4.46, R8000P prior to 1.4.1.50, RAX80 prior to 1.0.1.56, and WNR3500Lv2 prior to 1.2.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45525"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45525"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45525",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2343",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45525",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45525"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45525"
          }
        ]
      },
      "id": "VAR-202112-2196",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.40354367357142856
      },
      "last_update_date": "2024-11-23T22:54:45.016000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Extenders,\u00a0PSV-2018-0618",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064052/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Extenders-PSV-2018-0618"
          },
          {
            "title": "Netgear WNR3500L  and NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=177097"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45525"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064052/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-and-extenders-psv-2018-0618"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45525"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45525"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45525"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45525"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45525"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45525"
          },
          {
            "date": "2023-01-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          },
          {
            "date": "2021-12-26T01:15:14.107000",
            "db": "NVD",
            "id": "CVE-2021-45525"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45525"
          },
          {
            "date": "2023-01-13T05:03:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          },
          {
            "date": "2022-01-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          },
          {
            "date": "2024-11-21T06:32:25.277000",
            "db": "NVD",
            "id": "CVE-2021-45525"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017283"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2343"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1175

    Vulnerability from variot - Updated: 2024-11-23 22:51

    plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state.

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1175",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rax40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.80"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "ex3920",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.84"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.90"
          },
          {
            "model": "ms60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.102"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.80"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.94"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.42"
          },
          {
            "model": "r7400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "ex6920",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "r7350",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "mk62",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.102"
          },
          {
            "model": "rbs850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "rbk12",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.44"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "cbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.0.10"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.152"
          },
          {
            "model": "rax120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.136"
          },
          {
            "model": "rbs10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.44"
          },
          {
            "model": "ex6410",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "rbs750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "rbs50y",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "wnr1000v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.78"
          },
          {
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.24"
          },
          {
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "model": "rbr850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.134"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.24"
          },
          {
            "model": "eax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "r6400v1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.74"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "ac2100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.58"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.42"
          },
          {
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.50"
          },
          {
            "model": "ex7700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.210"
          },
          {
            "model": "wnr2000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "rax50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.64"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.24"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "ex6110",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "ex6200v1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.94"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.36"
          },
          {
            "model": "xr700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "ex3110",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.66"
          },
          {
            "model": "rbr840",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.62"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.98"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.84"
          },
          {
            "model": "ac2600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "ex6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.224"
          },
          {
            "model": "ac2400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "cbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.0.10"
          },
          {
            "model": "rax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.64"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "r6330",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "rbk852",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "xr450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.66"
          },
          {
            "model": "rs400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.5.0.48"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "r6350",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.84"
          },
          {
            "model": "ex6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "ex7320",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.134"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.152"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.106"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.98"
          },
          {
            "model": "rbs40v-200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "r7850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.60"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "mr60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.102"
          },
          {
            "model": "eax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6700v1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "rbk842",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "rbr750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r7200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "rbw30",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.0.4"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "ex7300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.128"
          },
          {
            "model": "rbs40v",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.6"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.58"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "model": "wn3500rpv1",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "rax45",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.64"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.94"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.114"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.38"
          },
          {
            "model": "rax15",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.64"
          },
          {
            "model": "rbk752",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "rax35",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.80"
          },
          {
            "model": "r6850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.72"
          },
          {
            "model": "rbs840",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.62"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.50"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "rbr10",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.44"
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ac2600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ac2400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ac2100",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "cbk40",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "cbr40",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "cve": "CVE-2020-35800",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 9.7,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-35800",
                "impactScore": 9.5,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "LOW",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-35800",
                "impactScore": 5.5,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "Low",
                "baseScore": 9.4,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-015016",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35800",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35800",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35800",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1740",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state.",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          }
        ],
        "trust": 0.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35800",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "id": "VAR-202012-1175",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4047866293478262
      },
      "last_update_date": "2024-11-23T22:51:09.418000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Security\u00a0Misconfiguration\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0Orbi\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0112",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112"
          },
          {
            "title": "Certain NETGEAR devices Repair measures for default configuration problems",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138265"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062733/security-advisory-for-security-misconfiguration-on-some-routers-range-extenders-and-orbi-wifi-systems-psv-2020-0112"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35800"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "date": "2020-12-30T00:15:14.410000",
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T09:06:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          },
          {
            "date": "2021-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          },
          {
            "date": "2024-11-21T05:28:08.620000",
            "db": "NVD",
            "id": "CVE-2020-35800"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015016"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Default configuration problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1740"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0804

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000 etc. are all products of NETGEAR company. NETGEAR EX7000 is a wireless network signal extender. NETGEAR DGN2200 is a wireless router. NETGEAR R6400 is a wireless router. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0804",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.106"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.106"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.10"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.22"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.20"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.26"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "dgnd2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.48"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.24"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "dgnd2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.22"
          },
          {
            "model": "ex6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.48"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "dgnd2200bv4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.24"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20732"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          }
        ]
      },
      "cve": "CVE-2019-20732",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20732",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015435",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2021-63379",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20732",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20732",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015435",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20732",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20732",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015435",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-63379",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1343",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20732"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20732"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000 etc. are all products of NETGEAR company. NETGEAR EX7000 is a wireless network signal extender. NETGEAR DGN2200 is a wireless router. NETGEAR R6400 is a wireless router. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20732"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20732",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1343",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20732"
          }
        ]
      },
      "id": "VAR-202004-0804",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          }
        ],
        "trust": 1.1051469602777777
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:02.101000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Command Injection on Some Routers, Gateways, and Extenders, PSV-2017-2228",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228"
          },
          {
            "title": "Patch for Command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-63379)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/287166"
          },
          {
            "title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116892"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-74",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20732"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20732"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061195/security-advisory-for-post-authentication-command-injection-on-some-routers-gateways-and-extenders-psv-2017-2228"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20732"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20732"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20732"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          },
          {
            "date": "2020-04-16T20:15:13.447000",
            "db": "NVD",
            "id": "CVE-2019-20732"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63379"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          },
          {
            "date": "2020-10-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          },
          {
            "date": "2024-11-21T04:39:12.800000",
            "db": "NVD",
            "id": "CVE-2019-20732"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015435"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1343"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0909

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0909",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.28"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.10"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "dgnd2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgnd2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "dgnd2200bv4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.110"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20700"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "aircut",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20700",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20700",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015466",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2021-61054",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20700",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20700",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015466",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20700",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20700",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015466",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-61054",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1284",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20700"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20700"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20700"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20700",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1284",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20700"
          }
        ]
      },
      "id": "VAR-202004-0909",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          }
        ],
        "trust": 1.1024362164864865
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:02.006000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2018",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061194/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2018"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61054)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/285366"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114781"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20700"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20700"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061194/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2018"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20700"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20700"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20700"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          },
          {
            "date": "2020-04-16T19:15:23.947000",
            "db": "NVD",
            "id": "CVE-2019-20700"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61054"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          },
          {
            "date": "2024-11-21T04:39:07",
            "db": "NVD",
            "id": "CVE-2019-20700"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015466"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1284"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-1121

    Vulnerability from variot - Updated: 2024-11-23 22:44

    NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID. NETGEAR EX7000 The device contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. NETGEAR EX7000 is a wireless router from NETGEAR. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-1121",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex7000",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42_1.0.94"
          },
          {
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "net gear",
            "version": "1.0.0.42_1.0.94"
          },
          {
            "model": "ex7000 v1.0.0.42 1.0.94",
            "scope": null,
            "trust": 0.6,
            "vendor": "netgear",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10864"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          }
        ]
      },
      "cve": "CVE-2016-10864",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "CVE-2016-10864",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-26837",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 5.5,
                "id": "VHN-89683",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:A/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2016-10864",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.8,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-10864",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2016-10864",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-26837",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-572",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-89683",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10864"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID. NETGEAR EX7000 The device contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. NETGEAR EX7000 is a wireless router from NETGEAR. The vulnerability stems from the lack of proper validation of client data for web applications. An attacker could exploit the vulnerability to execute client code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-10864"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89683"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-10864",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-89683",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10864"
          }
        ]
      },
      "id": "VAR-201908-1121",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89683"
          }
        ],
        "trust": 1.387168615
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:55.315000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "EX7000",
            "trust": 0.8,
            "url": "https://www.netgear.com/support/product/EX7000.aspx"
          },
          {
            "title": "Patch for NETGEAR EX7000 Cross-Site Scripting Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/174527"
          },
          {
            "title": "NETGEAR EX7000 Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96270"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-89683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10864"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10864"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10864"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10864"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "VULHUB",
            "id": "VHN-89683"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-10864"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "date": "2019-08-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89683"
          },
          {
            "date": "2019-08-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "date": "2019-08-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          },
          {
            "date": "2019-08-08T13:15:10.843000",
            "db": "NVD",
            "id": "CVE-2016-10864"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "date": "2019-08-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-89683"
          },
          {
            "date": "2019-08-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-009471"
          },
          {
            "date": "2019-08-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          },
          {
            "date": "2024-11-21T02:44:56.217000",
            "db": "NVD",
            "id": "CVE-2016-10864"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "NETGEAR EX7000 Cross-Site Scripting Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-26837"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-572"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0803

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0803",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.34"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.22"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.20"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.116"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.116"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.26"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.22"
          },
          {
            "model": "ex6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.74"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20731"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          }
        ]
      },
      "cve": "CVE-2019-20731",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20731",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015432",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2021-63378",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20731",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20731",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015432",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20731",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20731",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015432",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-63378",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1342",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20731"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20731"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20731"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20731",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1342",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20731"
          }
        ]
      },
      "id": "VAR-202004-0803",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          }
        ],
        "trust": 1.0628947815625
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:36.815000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2254",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254"
          },
          {
            "title": "Patch for NETGEAR buffer overflow vulnerability (CNVD-2021-63378)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/287161"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114880"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20731"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20731"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061196/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2254"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20731"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20731"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20731"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          },
          {
            "date": "2020-04-16T20:15:13.397000",
            "db": "NVD",
            "id": "CVE-2019-20731"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63378"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          },
          {
            "date": "2024-11-21T04:39:12.623000",
            "db": "NVD",
            "id": "CVE-2019-20731"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015432"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1342"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2308

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200Bv4 prior to 1.0.0.109, DGN2200v4 prior to 1.0.0.110, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700v3 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBR20 prior to 2.3.0.28, RBS20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR50 prior to 2.3.0.32, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, and XR500 prior to 2.3.2.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2308",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.34"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "dgn2200bv4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.109"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.50"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.56"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.44"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.53"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "d8500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dc112a",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "cve": "CVE-2021-45641",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-45641",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-45641",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2021-45641",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45641",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45641",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45641",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45641",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2437",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200Bv4 prior to 1.0.0.109, DGN2200v4 prior to 1.0.0.110, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700v3 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBR20 prior to 2.3.0.28, RBS20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR50 prior to 2.3.0.32, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, and XR500 prior to 2.3.2.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45641"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45641",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45641",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "id": "VAR-202112-2308",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.42809713404255323
      },
      "last_update_date": "2024-11-23T22:44:07.304000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Security\u00a0Misconfiguration\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0624",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064053/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0624"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176675"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064053/security-advisory-for-security-misconfiguration-on-some-routers-extenders-and-wifi-systems-psv-2018-0624"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45641"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "date": "2023-01-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "date": "2021-12-26T01:15:19.690000",
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45641"
          },
          {
            "date": "2023-01-24T05:20:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          },
          {
            "date": "2022-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          },
          {
            "date": "2024-11-21T06:32:45.310000",
            "db": "NVD",
            "id": "CVE-2021-45641"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017513"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2437"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2209

    Vulnerability from variot - Updated: 2024-11-23 22:40

    Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6900P before 1.3.2.124, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7900 before 1.0.4.26, R8000 before 1.0.4.58, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RS400 before 1.5.0.48, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50. plural NETGEAR The device has cryptographic strength vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7000v2 prior to 1.0.0.62, D8500 prior to 1.0.3.50, EX3700 prior to 1.0.0.84, EX3800 prior to 1.0.0.84, EX6120 prior to 1.0.0.54, EX6130 prior to 1.0.0.36, EX7000 prior to 1.0.1.90, R6250 prior to 1.0.4.42, R6400v2 prior to 1.0.4.98, R6700v3 prior to 1.0.4.98, R6900P prior to 1.3.2.124, R7000 prior to 1.0.11.106, R7000P prior to 1.3.2.124, R7100LG prior to 1.0.0.56, R7900 prior to 1.0.4.26, R8000 prior to 1.0.4.58, R8300 prior to 1.0.2.134, R8500 prior to 1.0.2.134, RS400 prior to 1.5.0.48, WNR3500Lv2 prior to 1.2.0.62, and XR300 prior to 1.0.3.50

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2209",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.98"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.42"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.84"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.98"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.90"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.84"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.50"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.134"
          },
          {
            "model": "rs400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.5.0.48"
          },
          {
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.50"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.134"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.58"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.106"
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d8500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex3700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex3800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6250",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6130",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45512"
          }
        ]
      },
      "cve": "CVE-2021-45512",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-45512",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-45512",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-45512",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45512",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45512",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45512",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45512",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2327",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-45512",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45512"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45512"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45512"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6900P before 1.3.2.124, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7900 before 1.0.4.26, R8000 before 1.0.4.58, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RS400 before 1.5.0.48, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50. plural NETGEAR The device has cryptographic strength vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7000v2 prior to 1.0.0.62, D8500 prior to 1.0.3.50, EX3700 prior to 1.0.0.84, EX3800 prior to 1.0.0.84, EX6120 prior to 1.0.0.54, EX6130 prior to 1.0.0.36, EX7000 prior to 1.0.1.90, R6250 prior to 1.0.4.42, R6400v2 prior to 1.0.4.98, R6700v3 prior to 1.0.4.98, R6900P prior to 1.3.2.124, R7000 prior to 1.0.11.106, R7000P prior to 1.3.2.124, R7100LG prior to 1.0.0.56, R7900 prior to 1.0.4.26, R8000 prior to 1.0.4.58, R8300 prior to 1.0.2.134, R8500 prior to 1.0.2.134, RS400 prior to 1.5.0.48, WNR3500Lv2 prior to 1.2.0.62, and XR300 prior to 1.0.3.50",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45512"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45512"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45512",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2327",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45512",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45512"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45512"
          }
        ]
      },
      "id": "VAR-202112-2209",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.37569374157894725
      },
      "last_update_date": "2024-11-23T22:40:38.273000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Broken\u00a0Cryptography\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Extenders,\u00a0PSV-2020-0134",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064117/Security-Advisory-for-Broken-Cryptography-on-Some-Routers-and-Extenders-PSV-2020-0134"
          },
          {
            "title": "Netgear WNR3500L  and NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176070"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-327",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate cryptographic strength (CWE-326) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45512"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064117/security-advisory-for-broken-cryptography-on-some-routers-and-extenders-psv-2020-0134"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45512"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/326.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45512"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45512"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45512"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45512"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45512"
          },
          {
            "date": "2023-01-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          },
          {
            "date": "2021-12-26T01:15:13.487000",
            "db": "NVD",
            "id": "CVE-2021-45512"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45512"
          },
          {
            "date": "2023-01-04T06:52:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          },
          {
            "date": "2022-01-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          },
          {
            "date": "2024-11-21T06:32:23.193000",
            "db": "NVD",
            "id": "CVE-2021-45512"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Device cryptographic strength vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017110"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2327"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2421

    Vulnerability from variot - Updated: 2024-11-23 22:40

    Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D6220 prior to 1.0.0.68, D6400 prior to 1.0.0.102, D7000v2 prior to 1.0.0.66, D8500 prior to 1.0.3.58, DC112A prior to 1.0.0.54, EX7000 prior to 1.0.1.94, EX7500 prior to 1.0.0.72, R6250 prior to 1.0.4.48, R6300v2 prior to 1.0.4.52, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.102, R6700v3 prior to 1.0.4.102, R7000 prior to 1.0.11.116, R7100LG prior to 1.0.0.64, R7850 prior to 1.0.5.68, R7900 prior to 1.0.4.30, R7960P prior to 1.4.1.68, R8000 prior to 1.0.4.52, RAX200 prior to 1.0.2.88, RBS40V prior to 2.6.2.4, RS400 prior to 1.5.1.80, XR300 prior to 1.0.3.56, R7000P prior to 1.3.2.124, R8000P prior to 1.4.1.68, R8500 prior to 1.0.2.144, RAX80 prior to 1.0.3.102, R6900P prior to 1.3.2.124, R7900P prior to 1.4.1.68, R8300 prior to 1.0.2.144, RAX75 prior to 1.0.3.102, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RBK752 prior to 3.2.17.12, and RBK852 prior to 3.2.17.12

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2421",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rbr750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.52"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "rbs850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "rbs40v",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.2.4"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "rbk752",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.144"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.68"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.94"
          },
          {
            "model": "rbk852",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.124"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "rbr850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.116"
          },
          {
            "model": "r7850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.68"
          },
          {
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.56"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.144"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.52"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.68"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "model": "rs400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.5.1.80"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.48"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.30"
          },
          {
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.68"
          },
          {
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.58"
          },
          {
            "model": "rbs750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.102"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.102"
          },
          {
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d8500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbs850",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbr850",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbs750",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbk752",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbr750",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbk852",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45527"
          }
        ]
      },
      "cve": "CVE-2021-45527",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2021-45527",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-45527",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 9.6,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-45527",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45527",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45527",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45527",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45527",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2341",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45527"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45527"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D6220 prior to 1.0.0.68, D6400 prior to 1.0.0.102, D7000v2 prior to 1.0.0.66, D8500 prior to 1.0.3.58, DC112A prior to 1.0.0.54, EX7000 prior to 1.0.1.94, EX7500 prior to 1.0.0.72, R6250 prior to 1.0.4.48, R6300v2 prior to 1.0.4.52, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.102, R6700v3 prior to 1.0.4.102, R7000 prior to 1.0.11.116, R7100LG prior to 1.0.0.64, R7850 prior to 1.0.5.68, R7900 prior to 1.0.4.30, R7960P prior to 1.4.1.68, R8000 prior to 1.0.4.52, RAX200 prior to 1.0.2.88, RBS40V prior to 2.6.2.4, RS400 prior to 1.5.1.80, XR300 prior to 1.0.3.56, R7000P prior to 1.3.2.124, R8000P prior to 1.4.1.68, R8500 prior to 1.0.2.144, RAX80 prior to 1.0.3.102, R6900P prior to 1.3.2.124, R7900P prior to 1.4.1.68, R8300 prior to 1.0.2.144, RAX75 prior to 1.0.3.102, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RBK752 prior to 3.2.17.12, and RBK852 prior to 3.2.17.12",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45527"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45527",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2341",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45527",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45527"
          }
        ]
      },
      "id": "VAR-202112-2421",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.3847009968181817
      },
      "last_update_date": "2024-11-23T22:40:38.015000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0437",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064493/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0437"
          },
          {
            "title": "Netgear RBR750  and NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=177093"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45527"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064493/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-extenders-and-wifi-systems-psv-2020-0437"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45527"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45527"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45527"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45527"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45527"
          },
          {
            "date": "2023-01-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          },
          {
            "date": "2021-12-26T01:15:14.207000",
            "db": "NVD",
            "id": "CVE-2021-45527"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45527"
          },
          {
            "date": "2023-01-13T05:03:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          },
          {
            "date": "2022-01-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          },
          {
            "date": "2024-11-21T06:32:25.610000",
            "db": "NVD",
            "id": "CVE-2021-45527"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017285"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2341"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0734

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0734",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.80"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "jndr3000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.32"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.4.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.4.0.10"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.56"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.80"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "ex7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.56"
          },
          {
            "model": "wndr4500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.72"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20754"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          }
        ]
      },
      "cve": "CVE-2019-20754",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20754",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015459",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-67658",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20754",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20754",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015459",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20754",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20754",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015459",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-67658",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1365",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1365"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20754"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20754"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20754"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20754",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1365",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1365"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20754"
          }
        ]
      },
      "id": "VAR-202004-0734",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          }
        ],
        "trust": 1.0623450257142857
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:25.592000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Buffer Overflow on Some Routers, Modem Routers, and Extenders, PSV-2018-0054",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060628/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Modem-Routers-and-Extenders-PSV-2018-0054"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-67658)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/289166"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115025"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1365"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20754"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20754"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060628/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-modem-routers-and-extenders-psv-2018-0054"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20754"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1365"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20754"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1365"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20754"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1365"
          },
          {
            "date": "2020-04-16T22:15:12.853000",
            "db": "NVD",
            "id": "CVE-2019-20754"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67658"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1365"
          },
          {
            "date": "2024-11-21T04:39:16.570000",
            "db": "NVD",
            "id": "CVE-2019-20754"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015459"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1365"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202103-0938

    Vulnerability from variot - Updated: 2024-11-23 22:37

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851. NETGEAR R6400 and R6700 A stack-based buffer overflow vulnerability exists in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-11851 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "_id": null,
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.38"
          },
          {
            "_id": null,
            "model": "rbr750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "_id": null,
            "model": "rs400",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.5.0.68"
          },
          {
            "_id": null,
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.48"
          },
          {
            "_id": null,
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.68"
          },
          {
            "_id": null,
            "model": "rbr850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "_id": null,
            "model": "r7850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.68"
          },
          {
            "_id": null,
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "_id": null,
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "_id": null,
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.68"
          },
          {
            "_id": null,
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.102"
          },
          {
            "_id": null,
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "_id": null,
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.60"
          },
          {
            "_id": null,
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "_id": null,
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "_id": null,
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.68"
          },
          {
            "_id": null,
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.102"
          },
          {
            "_id": null,
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.132"
          },
          {
            "_id": null,
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.144"
          },
          {
            "_id": null,
            "model": "rbs40v",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.2.4"
          },
          {
            "_id": null,
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.66"
          },
          {
            "_id": null,
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.56"
          },
          {
            "_id": null,
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.50"
          },
          {
            "_id": null,
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.116"
          },
          {
            "_id": null,
            "model": "rbs850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "_id": null,
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.94"
          },
          {
            "_id": null,
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.68"
          },
          {
            "_id": null,
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "_id": null,
            "model": "rbs750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.17.12"
          },
          {
            "_id": null,
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.144"
          },
          {
            "_id": null,
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "_id": null,
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "_id": null,
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "_id": null,
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.132"
          },
          {
            "_id": null,
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.38"
          },
          {
            "_id": null,
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "d6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "r6700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "r6400",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "d8500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "r6250",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "ex7500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "dc112a",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "_id": null,
            "model": "multiple routers",
            "scope": null,
            "trust": 0.7,
            "vendor": "netgear",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-27239"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Anonymous",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-206"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2021-27239",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2021-27239",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "zdi-disclosures@trendmicro.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-27239",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-27239",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-27239",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-27239",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "zdi-disclosures@trendmicro.com",
                "id": "CVE-2021-27239",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-27239",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "ZDI",
                "id": "CVE-2021-27239",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202103-1618",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-27239",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-206"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-27239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1618"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-27239"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-27239"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851. NETGEAR R6400 and R6700 A stack-based buffer overflow vulnerability exists in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-11851 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-27239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006"
          },
          {
            "db": "ZDI",
            "id": "ZDI-21-206"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-27239"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-27239",
            "trust": 3.2
          },
          {
            "db": "ZDI",
            "id": "ZDI-21-206",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-11851",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1618",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-27239",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-206"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-27239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1618"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-27239"
          }
        ]
      },
      "id": "VAR-202103-0938",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.3599811042857142
      },
      "last_update_date": "2024-11-23T22:37:03.359000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Stack-based\u00a0Buffer\u00a0Overflow\u00a0Remote\u00a0Code\u00a0Execution\u00a0Vulnerability\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2020-0432",
            "trust": 1.5,
            "url": "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432"
          },
          {
            "title": "Netgear NETGEAR R6400  and  NETGEAR R6700 Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146570"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/WizardsOfTheInternet/CVE-2021-27239 "
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-206"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-27239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1618"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ Other ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-27239"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.6,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-21-206/"
          },
          {
            "trust": 2.4,
            "url": "https://kb.netgear.com/000062820/security-advisory-for-stack-based-buffer-overflow-remote-code-execution-vulnerability-on-some-routers-psv-2020-0432"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27239"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/121.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/wizardsoftheinternet/cve-2021-27239"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-21-206"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-27239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1618"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-27239"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-21-206",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-27239",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1618",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2021-27239",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2021-02-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-21-206",
            "ident": null
          },
          {
            "date": "2021-03-29T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-27239",
            "ident": null
          },
          {
            "date": "2021-12-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005006",
            "ident": null
          },
          {
            "date": "2021-03-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202103-1618",
            "ident": null
          },
          {
            "date": "2021-03-29T21:15:12.377000",
            "db": "NVD",
            "id": "CVE-2021-27239",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2021-02-24T00:00:00",
            "db": "ZDI",
            "id": "ZDI-21-206",
            "ident": null
          },
          {
            "date": "2021-04-02T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-27239",
            "ident": null
          },
          {
            "date": "2021-12-06T05:23:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005006",
            "ident": null
          },
          {
            "date": "2021-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202103-1618",
            "ident": null
          },
          {
            "date": "2024-11-21T05:57:39.813000",
            "db": "NVD",
            "id": "CVE-2021-27239",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1618"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "NETGEAR\u00a0R6400\u00a0 and \u00a0R6700\u00a0 Stack-based buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005006"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202103-1618"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1570

    Vulnerability from variot - Updated: 2024-11-23 22:33

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6700, etc. are all products of NETGEAR. NETGEAR R6700 is a wireless router. NETGEAR R7900 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1570",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.30"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r7300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.4.1.24"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.4.1.24"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.32"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.30"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.4.32"
          },
          {
            "model": "r6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.2.60"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "r6900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "r6900p",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "r7000p",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.32"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.51"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21134"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6250_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6900p_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7900_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          }
        ]
      },
      "cve": "CVE-2018-21134",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-21134",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016411",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2021-50925",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-21134",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.1,
                "id": "CVE-2018-21134",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016411",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21134",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21134",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016411",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-50925",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2025",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21134"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21134"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6700, etc. are all products of NETGEAR. NETGEAR R6700 is a wireless router. NETGEAR R7900 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21134"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21134",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2025",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21134"
          }
        ]
      },
      "id": "VAR-202004-1570",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          }
        ],
        "trust": 1.05340316
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:33:27.982000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers and Wireless Extenders, PSV-2017-2019",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060226/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Wireless-Extenders-PSV-2017-2019"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-50925)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/279116"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116781"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21134"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21134"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060226/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-and-wireless-extenders-psv-2017-2019"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21134"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21134"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21134"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          },
          {
            "date": "2020-04-23T20:15:12.943000",
            "db": "NVD",
            "id": "CVE-2018-21134"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50925"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          },
          {
            "date": "2024-11-21T04:02:58.950000",
            "db": "NVD",
            "id": "CVE-2018-21134"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016411"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2025"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0736

    Vulnerability from variot - Updated: 2024-11-23 22:29

    Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0736",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.24"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.86"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.22"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.22"
          },
          {
            "model": "ex6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.86"
          },
          {
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "r8300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.94"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20756"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          }
        ]
      },
      "cve": "CVE-2019-20756",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-20756",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015367",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20756",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20756",
                "impactScore": 4.2,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015367",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20756",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20756",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015367",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1367",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20756"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20756"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20756",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1367",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20756"
          }
        ]
      },
      "id": "VAR-202004-0736",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4030733621428571
      },
      "last_update_date": "2024-11-23T22:29:40.068000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Reflected Cross-Site Scripting on Some Routers and Extenders, PSV-2017-0709",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060643/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2017-0709"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116596"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20756"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060643/security-advisory-for-reflected-cross-site-scripting-on-some-routers-and-extenders-psv-2017-0709"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20756"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20756"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20756"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20756"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          },
          {
            "date": "2020-04-16T22:15:12.977000",
            "db": "NVD",
            "id": "CVE-2019-20756"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          },
          {
            "date": "2024-11-21T04:39:16.957000",
            "db": "NVD",
            "id": "CVE-2019-20756"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015367"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1367"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0757

    Vulnerability from variot - Updated: 2024-11-23 22:29

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.106, DGND2200Bv4 before 1.0.0.106, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6400 before 1.0.1.42, R6700 before 1.0.1.46, R6700v3 before 1.0.2.52, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0757",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.28"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "dgnd2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.106"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.106"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.106"
          },
          {
            "model": "dgnd2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.106"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.106"
          },
          {
            "model": "dgnd2200bv4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.106"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20737"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          }
        ]
      },
      "cve": "CVE-2019-20737",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20737",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015454",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2021-63381",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20737",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20737",
                "impactScore": 4.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015454",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20737",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20737",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015454",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-63381",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1348",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1348"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20737"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20737"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.106, DGND2200Bv4 before 1.0.0.106, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6400 before 1.0.1.42, R6700 before 1.0.1.46, R6700v3 before 1.0.2.52, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20737"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20737",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1348",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1348"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20737"
          }
        ]
      },
      "id": "VAR-202004-0757",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          }
        ],
        "trust": 1.1030259168965517
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:29:40.042000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2016",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061188/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2016"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-63381)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/287181"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114907"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1348"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20737"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20737"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061188/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2016"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20737"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1348"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20737"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1348"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20737"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1348"
          },
          {
            "date": "2020-04-16T20:15:13.757000",
            "db": "NVD",
            "id": "CVE-2019-20737"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63381"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1348"
          },
          {
            "date": "2024-11-21T04:39:13.687000",
            "db": "NVD",
            "id": "CVE-2019-20737"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015454"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1348"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2310

    Vulnerability from variot - Updated: 2024-11-23 22:29

    Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. This affects CBR40 prior to 2.5.0.10, EAX20 prior to 1.0.0.32, EAX80 prior to 1.0.1.62, EX6120 prior to 1.0.0.64, EX6130 prior to 1.0.0.44, EX7000 prior to 1.0.1.104, EX7500 prior to 1.0.0.72, R7000 prior to 1.0.11.110, R7900 prior to 1.0.4.30, R7960P prior to 1.4.1.66, R8000 prior to 1.0.4.62, RAX200 prior to 1.0.2.102, XR300 prior to 1.0.3.50, EX3700 prior to 1.0.0.90, MR60 prior to 1.0.5.102, R7000P prior to 1.3.2.126, R8000P prior to 1.4.1.66, RAX20 prior to 1.0.1.64, RAX50 prior to 1.0.2.28, RAX80 prior to 1.0.3.102, EX3800 prior to 1.0.0.90, MS60 prior to 1.0.5.102, R6900P prior to 1.3.2.126, R7900P prior to 1.4.1.66, RAX15 prior to 1.0.1.64, RAX45 prior to 1.0.2.28, RAX75 prior to 1.0.3.102, RBR750 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBK752 prior to 3.2.16.6, and RBK852 prior to 3.2.16.6

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2310",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.64"
          },
          {
            "model": "rax50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "rbk752",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "eax20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.62"
          },
          {
            "model": "rax45",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "rbr850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "ms60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.102"
          },
          {
            "model": "rax15",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.64"
          },
          {
            "model": "rbk852",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.126"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "xr300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.50"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.90"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.66"
          },
          {
            "model": "rbs850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "rax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "model": "mr60",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.5.102"
          },
          {
            "model": "eax80",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.62"
          },
          {
            "model": "rbs750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.104"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.66"
          },
          {
            "model": "rax200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.30"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.90"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.2.126"
          },
          {
            "model": "rax75",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.102"
          },
          {
            "model": "rbr750",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "3.2.16.6"
          },
          {
            "model": "cbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.0.10"
          },
          {
            "model": "r7960p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.66"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.11.110"
          },
          {
            "model": "ex7500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7960p",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "eax20",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7900",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "eax80",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6130",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "cbr40",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45639"
          }
        ]
      },
      "cve": "CVE-2021-45639",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2021-45639",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-45639",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2021-45639",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2021-45639",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45639",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45639",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45639",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2435",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-45639",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45639"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45639"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. This affects CBR40 prior to 2.5.0.10, EAX20 prior to 1.0.0.32, EAX80 prior to 1.0.1.62, EX6120 prior to 1.0.0.64, EX6130 prior to 1.0.0.44, EX7000 prior to 1.0.1.104, EX7500 prior to 1.0.0.72, R7000 prior to 1.0.11.110, R7900 prior to 1.0.4.30, R7960P prior to 1.4.1.66, R8000 prior to 1.0.4.62, RAX200 prior to 1.0.2.102, XR300 prior to 1.0.3.50, EX3700 prior to 1.0.0.90, MR60 prior to 1.0.5.102, R7000P prior to 1.3.2.126, R8000P prior to 1.4.1.66, RAX20 prior to 1.0.1.64, RAX50 prior to 1.0.2.28, RAX80 prior to 1.0.3.102, EX3800 prior to 1.0.0.90, MS60 prior to 1.0.5.102, R6900P prior to 1.3.2.126, R7900P prior to 1.4.1.66, RAX15 prior to 1.0.1.64, RAX45 prior to 1.0.2.28, RAX75 prior to 1.0.3.102, RBR750 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBK752 prior to 3.2.16.6, and RBK852 prior to 3.2.16.6",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45639"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45639",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2435",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45639",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45639"
          }
        ]
      },
      "id": "VAR-202112-2310",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.32370440384615384
      },
      "last_update_date": "2024-11-23T22:29:10.363000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Reflected\u00a0Cross\u00a0Site\u00a0Scripting\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0121",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064460/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0121"
          },
          {
            "title": "Netgear RBR750  and NETGEAR Fixes for cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176673"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45639"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064460/security-advisory-for-reflected-cross-site-scripting-on-some-routers-extenders-and-wifi-systems-psv-2020-0121"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45639"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45639"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45639"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45639"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45639"
          },
          {
            "date": "2023-01-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          },
          {
            "date": "2021-12-26T01:15:19.597000",
            "db": "NVD",
            "id": "CVE-2021-45639"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45639"
          },
          {
            "date": "2023-01-06T06:05:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          },
          {
            "date": "2022-01-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          },
          {
            "date": "2024-11-21T06:32:44.890000",
            "db": "NVD",
            "id": "CVE-2021-45639"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017174"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2435"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2415

    Vulnerability from variot - Updated: 2024-11-23 22:29

    Certain NETGEAR devices are affected by command injection by an authenticated user. This affects EX6120 before 1.0.0.66, EX6130 before 1.0.0.46, EX7000 before 1.0.1.106, EX7500 before 1.0.1.76, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, RBR850 before 4.6.3.9, RBS850 before 4.6.3.9, and RBK852 before 4.6.3.9. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects EX6120 prior to 1.0.0.66, EX6130 prior to 1.0.0.46, EX7000 prior to 1.0.1.106, EX7500 prior to 1.0.1.76, EX3700 prior to 1.0.0.94, EX3800 prior to 1.0.0.94, RBR850 prior to 4.6.3.9, RBS850 prior to 4.6.3.9, and RBK852 prior to 4.6.3.9

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2415",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "rbk852",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "4.6.3.9"
          },
          {
            "model": "rbr850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "4.6.3.9"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.106"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "rbs850",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "4.6.3.9"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "ex7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex7500",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex3800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex3700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbk852",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbr850",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6130",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "rbs850",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45533"
          }
        ]
      },
      "cve": "CVE-2021-45533",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2021-45533",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2021-45533",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.7,
                "id": "CVE-2021-45533",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45533",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45533",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45533",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45533",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2352",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-45533",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45533"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45533"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects EX6120 before 1.0.0.66, EX6130 before 1.0.0.46, EX7000 before 1.0.1.106, EX7500 before 1.0.1.76, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, RBR850 before 4.6.3.9, RBS850 before 4.6.3.9, and RBK852 before 4.6.3.9. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects EX6120 prior to 1.0.0.66, EX6130 prior to 1.0.0.46, EX7000 prior to 1.0.1.106, EX7500 prior to 1.0.1.76, EX3700 prior to 1.0.0.94, EX3800 prior to 1.0.0.94, RBR850 prior to 4.6.3.9, RBS850 prior to 4.6.3.9, and RBK852 prior to 4.6.3.9",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45533"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45533",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2352",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45533",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45533"
          }
        ]
      },
      "id": "VAR-202112-2415",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.36700508800000003
      },
      "last_update_date": "2024-11-23T22:29:10.239000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Extenders\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0062",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064458/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0062"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176385"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "Command injection (CWE-77) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45533"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064458/security-advisory-for-post-authentication-command-injection-on-some-extenders-and-wifi-systems-psv-2020-0062"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45533"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/77.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45533"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45533"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45533"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45533"
          },
          {
            "date": "2023-01-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          },
          {
            "date": "2021-12-26T01:15:14.553000",
            "db": "NVD",
            "id": "CVE-2021-45533"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45533"
          },
          {
            "date": "2023-01-04T06:53:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          },
          {
            "date": "2022-01-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          },
          {
            "date": "2024-11-21T06:32:26.620000",
            "db": "NVD",
            "id": "CVE-2021-45533"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017116"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2352"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0754

    Vulnerability from variot - Updated: 2024-11-23 22:25

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6220, etc. are all products of NETGEAR. NETGEAR D6220 is a wireless modem. NETGEAR R6300 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D6220 prior to 1.0.0.40, D8500 prior to 1.0.3.39, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.22, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150v1 prior to 1.0.0.42, EX6200 prior to 1.0.3.88, EX7000 prior to 1.0.0.66, R6300v2 prior to 1.0.4.18, R6400 prior to 1.0.1.24, R6400v2 prior to 1.0.2.32, R6700 prior to 1.0.1.22, R6700v3 prior to 1.0.2.32, R6900 prior to 1.0.1.22, R7000 prior to 1.0.9.6, R6900P prior to 1.0.0.56, R7000P prior to 1.0.0.56, R7100LG prior to 1.0.0.42, R7300DST prior to 1.0.0.54, R7900 prior to 1.0.1.26, R8300 prior to 1.0.2.106, R8500 prior to 1.0.2.106, WN2500RPv2 prior to 1.0.1.54, and WNR3500Lv2 prior to 1.2.0.46

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0754",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.106"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.106"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.6"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.22"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.46"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.22"
          },
          {
            "model": "ex6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.46"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "r6700v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.32"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20734"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          }
        ]
      },
      "cve": "CVE-2019-20734",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-20734",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015451",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-63380",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20734",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.6,
                "id": "CVE-2019-20734",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015451",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20734",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20734",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015451",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-63380",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1345",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-20734",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20734"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20734"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6220, etc. are all products of NETGEAR. NETGEAR D6220 is a wireless modem. NETGEAR R6300 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D6220 prior to 1.0.0.40, D8500 prior to 1.0.3.39, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.22, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150v1 prior to 1.0.0.42, EX6200 prior to 1.0.3.88, EX7000 prior to 1.0.0.66, R6300v2 prior to 1.0.4.18, R6400 prior to 1.0.1.24, R6400v2 prior to 1.0.2.32, R6700 prior to 1.0.1.22, R6700v3 prior to 1.0.2.32, R6900 prior to 1.0.1.22, R7000 prior to 1.0.9.6, R6900P prior to 1.0.0.56, R7000P prior to 1.0.0.56, R7100LG prior to 1.0.0.42, R7300DST prior to 1.0.0.54, R7900 prior to 1.0.1.26, R8300 prior to 1.0.2.106, R8500 prior to 1.0.2.106, WN2500RPv2 prior to 1.0.1.54, and WNR3500Lv2 prior to 1.2.0.46",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20734"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20734",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1345",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20734",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20734"
          }
        ]
      },
      "id": "VAR-202004-0754",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          }
        ],
        "trust": 1.0773654625925926
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:25:33.201000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-0791",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791"
          },
          {
            "title": "Patch for NETGEAR buffer overflow vulnerability (CNVD-2021-63380)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/287176"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114904"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20734"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20734"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000061192/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-0791"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20734"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20734"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20734"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20734"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          },
          {
            "date": "2020-04-16T20:15:13.553000",
            "db": "NVD",
            "id": "CVE-2019-20734"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63380"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20734"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          },
          {
            "date": "2024-11-21T04:39:13.173000",
            "db": "NVD",
            "id": "CVE-2019-20734"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015451"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1345"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0901

    Vulnerability from variot - Updated: 2024-11-23 22:25

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250 is a wireless router of NETGEAR. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0901",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.24"
          },
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.88"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.28"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.10"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgnd2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.109"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgnd2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.109"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgnd2200bv4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.109"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "ex6150v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.54"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20692"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "aircut",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20692",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20692",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015465",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-30757",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20692",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2019-20692",
                "impactScore": 5.5,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015465",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20692",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20692",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015465",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-30757",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1276",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20692"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20692"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250 is a wireless router of NETGEAR. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20692",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1276",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20692"
          }
        ]
      },
      "id": "VAR-202004-0901",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          }
        ],
        "trust": 1.1024362164864865
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:25:33.066000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2014",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2014"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-30757)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219507"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114774"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20692"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20692"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061447/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2014"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20692"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20692"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20692"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          },
          {
            "date": "2020-04-16T19:15:23.493000",
            "db": "NVD",
            "id": "CVE-2019-20692"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30757"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          },
          {
            "date": "2024-11-21T04:39:05.843000",
            "db": "NVD",
            "id": "CVE-2019-20692"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015465"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1276"
          }
        ],
        "trust": 0.6
      }
    }