Search

Find a vulnerability

Search criteria

    19 vulnerabilities found for wn3100rpv2 by netgear

    VAR-202004-0735

    Vulnerability from variot - Updated: 2024-11-23 23:08

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0735",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.80"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "jndr3000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "rbw30",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.1.4.16"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.32"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.4.0.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.4.0.10"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.56"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.80"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "jndr3000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "rbw30",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.1.4.16"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "wn2500rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "dgn2200v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.56"
          },
          {
            "model": "wndr4500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20755"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jndr3000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6250_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbw30_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          }
        ]
      },
      "cve": "CVE-2019-20755",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20755",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015460",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-61061",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20755",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20755",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015460",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20755",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20755",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015460",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-61061",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1366",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1366"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20755"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20755"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20755"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20755",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1366",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1366"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20755"
          }
        ]
      },
      "id": "VAR-202004-0735",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          }
        ],
        "trust": 1.1059655375806452
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:08:03.214000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers, Modem Routers, Extenders, and Orbi Satellites, PSV-2018-0053",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61061)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/285351"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115026"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1366"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20755"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20755"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060627/security-advisory-for-post-authentication-stack-overflow-on-some-routers-modem-routers-extenders-and-orbi-satellites-psv-2018-0053"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20755"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1366"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20755"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1366"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20755"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1366"
          },
          {
            "date": "2020-04-16T22:15:12.930000",
            "db": "NVD",
            "id": "CVE-2019-20755"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61061"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          },
          {
            "date": "2020-04-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1366"
          },
          {
            "date": "2024-11-21T04:39:16.770000",
            "db": "NVD",
            "id": "CVE-2019-20755"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015460"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1366"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0795

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv3 before 1.0.2.70, and WN3100RPv2 before 1.0.0.66. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR R8900 is a wireless router of NETGEAR. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code. This affects D7800 prior to 1.0.1.47, EX6100v2 prior to 1.0.1.76, EX6150v2 prior to 1.0.1.76, R7500v2 prior to 1.0.3.38, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, WN2000RPTv3 prior to 1.0.1.32, WN3000RPv3 prior to 1.0.2.70, and WN3100RPv2 prior to 1.0.0.66

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0795",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.47"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.47"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20749"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          }
        ]
      },
      "cve": "CVE-2019-20749",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20749",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015436",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2020-27301",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20749",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20749",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015436",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20749",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20749",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015436",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-27301",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1360",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-20749",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20749"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20749"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20749"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv3 before 1.0.2.70, and WN3100RPv2 before 1.0.0.66. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR R8900 is a wireless router of NETGEAR. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code. This affects D7800 prior to 1.0.1.47, EX6100v2 prior to 1.0.1.76, EX6150v2 prior to 1.0.1.76, R7500v2 prior to 1.0.3.38, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, WN2000RPTv3 prior to 1.0.1.32, WN3000RPv3 prior to 1.0.2.70, and WN3100RPv2 prior to 1.0.0.66",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20749"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20749"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20749",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1360",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20749",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20749"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20749"
          }
        ]
      },
      "id": "VAR-202004-0795",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          }
        ],
        "trust": 1.1961080666666666
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:24.973000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross Site Scripting on Some Gateways, Extenders, and Routers, PSV-2018-0172",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060965/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Gateways-Extenders-and-Routers-PSV-2018-0172"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-27301)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/216923"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115004"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20749"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20749"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000060965/security-advisory-for-stored-cross-site-scripting-on-some-gateways-extenders-and-routers-psv-2018-0172"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20749"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20749"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20749"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20749"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20749"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20749"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          },
          {
            "date": "2020-04-16T21:15:12.923000",
            "db": "NVD",
            "id": "CVE-2019-20749"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-27301"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20749"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          },
          {
            "date": "2024-11-21T04:39:15.690000",
            "db": "NVD",
            "id": "CVE-2019-20749"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015436"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1360"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1656

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1656",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "r900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21210"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          }
        ]
      },
      "cve": "CVE-2018-21210",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21210",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016358",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46562",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21210",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21210",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016358",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21210",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21210",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016358",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46562",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2282",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21210",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21210"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21210"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21210"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21210",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2282",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21210",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21210"
          }
        ]
      },
      "id": "VAR-202004-1656",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          }
        ],
        "trust": 1.29708041
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:24.136000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders PSV-2017-2492",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055139/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2492"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46562)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276346"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117374"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21210"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21210"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055139/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2492"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21210"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21210"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21210"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21210"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21210"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          },
          {
            "date": "2020-04-28T16:15:13.887000",
            "db": "NVD",
            "id": "CVE-2018-21210"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46562"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21210"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          },
          {
            "date": "2024-11-21T04:03:11.097000",
            "db": "NVD",
            "id": "CVE-2018-21210"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016358"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2282"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1198

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1198",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "xr450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.140"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.140"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.78"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.186"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "xr500",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.078"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6150v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6200v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dm200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6100v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex2700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "cve": "CVE-2020-35799",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-35799",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-35799",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-35799",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-35799",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35799",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35799",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35799",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1741",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35799",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "id": "VAR-202012-1198",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.447916488139535
      },
      "last_update_date": "2024-11-23T22:58:05.562000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Stack\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0296",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296"
          },
          {
            "title": "Certain NETGEAR devices Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138121"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062709/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-range-extenders-and-wifi-systems-psv-2018-0296"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35799"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "date": "2020-12-30T00:15:14.347000",
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T09:06:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "date": "2021-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "date": "2024-11-21T05:28:08.360000",
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Out-of-bounds write vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1672

    Vulnerability from variot - Updated: 2024-11-23 22:55

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects EX2700 before 1.0.1.28, R7800 before 1.0.2.40, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR EX2700 is a wireless network signal extender. NETGEAR WN3000RP is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. This affects EX2700 prior to 1.0.1.28, R7800 prior to 1.0.2.40, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1672",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21170"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          }
        ]
      },
      "cve": "CVE-2018-21170",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21170",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016379",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2020-28109",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21170",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21170",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016379",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21170",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21170",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016379",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28109",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2212",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21170",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21170"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21170"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects EX2700 before 1.0.1.28, R7800 before 1.0.2.40, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR EX2700 is a wireless network signal extender. NETGEAR WN3000RP is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. This affects EX2700 prior to 1.0.1.28, R7800 prior to 1.0.2.40, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21170"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21170",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2212",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21170",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21170"
          }
        ]
      },
      "id": "VAR-202004-1672",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          }
        ],
        "trust": 1.355098134
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:55:10.149000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers and Extenders, PSV-2017-2638",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055188/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Extenders-PSV-2017-2638"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28109)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217423"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117305"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21170"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21170"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055188/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-and-extenders-psv-2017-2638"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21170"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21170"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21170"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21170"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "date": "2020-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          },
          {
            "date": "2020-04-27T18:15:12.857000",
            "db": "NVD",
            "id": "CVE-2018-21170"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28109"
          },
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21170"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          },
          {
            "date": "2024-11-21T04:03:04.600000",
            "db": "NVD",
            "id": "CVE-2018-21170"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016379"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2212"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0779

    Vulnerability from variot - Updated: 2024-11-23 22:51

    Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, EX2700 before 1.0.1.52, EX6200v2 before 1.0.1.74, EX8000 before 1.0.1.180, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, SRK60 before 2.2.1.210, SRR60 before 2.2.1.210, SRS60 before 2.2.1.210, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, and WNDR4500v3 before 1.0.0.58. plural NETGEAR The device contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR EX2700 is a wireless network signal extender

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0779",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "srr60",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.2.1.210"
          },
          {
            "model": "srs60",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.2.1.210"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.180"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.58"
          },
          {
            "model": "srk60",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.2.1.210"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "ex8000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.80"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.58"
          },
          {
            "model": "rbk20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20717"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex8000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wayne Low of Fortinets FortiGuard Labs",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20717",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-20717",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 3.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015412",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2020-30688",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20717",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20717",
                "impactScore": 1.4,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015412",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20717",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20717",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015412",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-30688",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1301",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20717"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20717"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, EX2700 before 1.0.1.52, EX6200v2 before 1.0.1.74, EX8000 before 1.0.1.180, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, SRK60 before 2.2.1.210, SRR60 before 2.2.1.210, SRS60 before 2.2.1.210, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, and WNDR4500v3 before 1.0.0.58. plural NETGEAR The device contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR EX2700 is a wireless network signal extender",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20717"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20717",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20717"
          }
        ]
      },
      "id": "VAR-202004-0779",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          }
        ],
        "trust": 1.1408653544444443
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:51:27.241000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Denial of Service on Some Routers, Extenders, and WiFi Systems, PSV-2018-0225",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061211/Security-Advisory-for-Denial-of-Service-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0225"
          },
          {
            "title": "Patch for Multiple NETGEAR product input verification error vulnerabilities (CNVD-2020-30688)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219481"
          },
          {
            "title": "Multiple NETGEAR Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116882"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20717"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20717"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061211/security-advisory-for-denial-of-service-on-some-routers-extenders-and-wifi-systems-psv-2018-0225"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20717"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20717"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20717"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          },
          {
            "date": "2020-04-16T19:15:24.930000",
            "db": "NVD",
            "id": "CVE-2019-20717"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30688"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          },
          {
            "date": "2024-11-21T04:39:10.313000",
            "db": "NVD",
            "id": "CVE-2019-20717"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Input verification vulnerabilities on devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015412"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1301"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1661

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, EX2700 before 1.0.1.28, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, EX2700 prior to 1.0.1.28, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1661",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          }
        ]
      },
      "cve": "CVE-2018-21215",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21215",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016356",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46567",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21215",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21215",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016356",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21215",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21215",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016356",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46567",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2290",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21215",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, EX2700 before 1.0.1.28, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, EX2700 prior to 1.0.1.28, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21215",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "id": "VAR-202004-1661",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          }
        ],
        "trust": 1.275971406
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:01.263000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2486",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055122/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2486"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46567)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276391"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117382"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21215"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055122/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2486"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21215"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "date": "2020-04-28T16:15:14.153000",
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46567"
          },
          {
            "date": "2020-05-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21215"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          },
          {
            "date": "2024-11-21T04:03:11.883000",
            "db": "NVD",
            "id": "CVE-2018-21215"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016356"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2290"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0782

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D7800 before 1.0.1.47, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv3 before 1.0.2.70, and WN3100RPv2 before 1.0.0.66. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all wireless modems from NETGEAR. The vulnerability stems from the lack of correct verification of client data in WEB applications. An attacker can use this vulnerability to execute client code. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.76, D7800 prior to 1.0.1.47, R7500v2 prior to 1.0.3.38, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, WN2000RPTv3 prior to 1.0.1.32, WN3000RPv3 prior to 1.0.2.70, and WN3100RPv2 prior to 1.0.0.66

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0782",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.47"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.47"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20720"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "aircut",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20720",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20720",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015407",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2021-63377",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20720",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20720",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015407",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20720",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20720",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015407",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-63377",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1304",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-20720",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20720"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20720"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20720"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D7800 before 1.0.1.47, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN2000RPTv3 before 1.0.1.32, WN3000RPv3 before 1.0.2.70, and WN3100RPv2 before 1.0.0.66. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all wireless modems from NETGEAR. The vulnerability stems from the lack of correct verification of client data in WEB applications. An attacker can use this vulnerability to execute client code. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.76, D7800 prior to 1.0.1.47, R7500v2 prior to 1.0.3.38, R7800 prior to 1.0.2.52, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, WN2000RPTv3 prior to 1.0.1.32, WN3000RPv3 prior to 1.0.2.70, and WN3100RPv2 prior to 1.0.0.66",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20720"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20720"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20720",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20720",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20720"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20720"
          }
        ]
      },
      "id": "VAR-202004-0782",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          }
        ],
        "trust": 1.2346832072727274
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:36.842000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross Site Scripting on Some Routers and Gateways, PSV-2018-0174",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061208/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0174"
          },
          {
            "title": "Patch for Cross-site scripting vulnerabilities in multiple NETGEAR products (CNVD-2021-63377)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/287131"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116883"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20720"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20720"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000061208/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-gateways-psv-2018-0174"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20720"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/79.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20720"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20720"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20720"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20720"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20720"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          },
          {
            "date": "2020-04-16T19:15:25.150000",
            "db": "NVD",
            "id": "CVE-2019-20720"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-63377"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20720"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          },
          {
            "date": "2024-11-21T04:39:10.797000",
            "db": "NVD",
            "id": "CVE-2019-20720"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015407"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1304"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1660

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1660",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          }
        ]
      },
      "cve": "CVE-2018-21214",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21214",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016355",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46566",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21214",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21214",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016355",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21214",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21214",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016355",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46566",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2287",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21214",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500v2 prior to 1.0.3.24, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21214",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "id": "VAR-202004-1660",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          }
        ],
        "trust": 1.269161487272727
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:36.002000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2488",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055123/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2488"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46566)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276376"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117379"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21214"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055123/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2488"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21214"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "date": "2020-04-28T16:15:14.107000",
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46566"
          },
          {
            "date": "2020-05-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21214"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          },
          {
            "date": "2024-11-21T04:03:11.730000",
            "db": "NVD",
            "id": "CVE-2018-21214"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016355"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2287"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0776

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.22, RBR20 before 2.3.0.22, RBS20 before 2.3.0.22, RBK50 before 2.3.0.22, RBR50 before 2.3.0.22, RBS50 before 2.3.0.22, RBS40 before 2.3.0.22, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR DM200 is a wireless modem. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0776",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.34"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "rbk20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "rbr20",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2.3.0.22"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbk20_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:rbr20_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Wayne Low of Fortinets FortiGuard Labs",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20714",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2019-20714",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.5,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015414",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CNVD-2020-30685",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20714",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2019-20714",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015414",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20714",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20714",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015414",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-30685",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1298",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.22, RBR20 before 2.3.0.22, RBS20 before 2.3.0.22, RBK50 before 2.3.0.22, RBR50 before 2.3.0.22, RBS50 before 2.3.0.22, RBS40 before 2.3.0.22, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR DM200 is a wireless modem. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20714",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "id": "VAR-202004-0776",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          }
        ],
        "trust": 1.1352816739130436
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:25.538000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Stored Cross Site Scripting on Some Routers, Gateways, and WiFi System, PSV-2018-0249",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061214/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-System-PSV-2018-0249"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-30685)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219487"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116567"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20714"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061214/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-system-psv-2018-0249"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20714"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "date": "2020-04-16T19:15:24.777000",
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-30685"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          },
          {
            "date": "2024-11-21T04:39:09.837000",
            "db": "NVD",
            "id": "CVE-2019-20714"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015414"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1298"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0797

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, DM200 before 1.0.0.61, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.26, R9000 before 1.0.4.26, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.66, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0797",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.180"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex8000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.180"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r8900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.72"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex8000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          }
        ]
      },
      "cve": "CVE-2019-20751",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20751",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015366",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-66985",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20751",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20751",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015366",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20751",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20751",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015366",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-66985",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1362",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, DM200 before 1.0.0.61, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.26, R9000 before 1.0.4.26, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.66, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20751",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "id": "VAR-202004-0797",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          }
        ],
        "trust": 1.2212749289999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:25.511000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Extenders, Gateways, and Routers, PSV-2018-0171",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060964/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Extenders-Gateways-and-Routers-PSV-2018-0171"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-66985)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/288721"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115006"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20751"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060964/security-advisory-for-post-authentication-stack-overflow-on-some-extenders-gateways-and-routers-psv-2018-0171"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20751"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-08-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "date": "2020-04-16T21:15:13.067000",
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-66985"
          },
          {
            "date": "2020-05-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          },
          {
            "date": "2024-11-21T04:39:16.010000",
            "db": "NVD",
            "id": "CVE-2019-20751"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015366"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1362"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1301

    Vulnerability from variot - Updated: 2024-11-23 22:37

    plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem.

    There are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1301",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.35"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.16"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.9.18"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.8"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.3.0.8"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.34"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.5.14"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.5.14"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.110"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.110"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.4_1.1.42"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.46"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.46"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.35"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "dgn2200v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "dgn2200bv4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.46"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r8000 \u003c1.0.4.4 1.1.42",
            "scope": null,
            "trust": 0.6,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wndr3400v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr3500lv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.46"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18788"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          }
        ]
      },
      "cve": "CVE-2017-18788",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18788",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014874",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-31315",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2017-18788",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.8,
                "id": "CVE-2017-18788",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014874",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18788",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18788",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014874",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31315",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1863",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18788"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18788"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. \n\r\n\r\nThere are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          }
        ],
        "trust": 1.26
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18788",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1863",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18788"
          }
        ]
      },
      "id": "VAR-202004-1301",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          }
        ],
        "trust": 1.1754130904918032
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:25.142000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post Authentication Command Injection on Some Routers, Gateways, and Extenders, PSV-2017-2947",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947"
          },
          {
            "title": "Patch for Multiple NETGEAR product injection vulnerabilities (CNVD-2020-31315)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/220097"
          },
          {
            "title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116999"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18788"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18788"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049527/security-advisory-for-post-authentication-command-injection-on-some-routers-gateways-and-extenders-psv-2017-2947"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18788"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18788"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18788"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          },
          {
            "date": "2020-04-22T14:15:11.817000",
            "db": "NVD",
            "id": "CVE-2017-18788"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31315"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          },
          {
            "date": "2024-11-21T03:20:55.460000",
            "db": "NVD",
            "id": "CVE-2017-18788"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014874"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1863"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1658

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1658",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21212"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          }
        ]
      },
      "cve": "CVE-2018-21212",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21212",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016353",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46564",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21212",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21212",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016353",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21212",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21212",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016353",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46564",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2283",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21212",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21212"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21212"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21212"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21212",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2283",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21212",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21212"
          }
        ]
      },
      "id": "VAR-202004-1658",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          }
        ],
        "trust": 1.284859608235294
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:24.706000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2490",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055137/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2490"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46564)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276361"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117375"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21212"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21212"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055137/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2490"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21212"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21212"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21212"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21212"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21212"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          },
          {
            "date": "2020-04-28T16:15:13.997000",
            "db": "NVD",
            "id": "CVE-2018-21212"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46564"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21212"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          },
          {
            "date": "2024-11-21T04:03:11.420000",
            "db": "NVD",
            "id": "CVE-2018-21212"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016353"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2283"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1716

    Vulnerability from variot - Updated: 2024-11-23 22:25

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR EX2700 is a wireless network signal extender. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1716",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "r900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21205"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21205"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          }
        ]
      },
      "cve": "CVE-2018-21205",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21205",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016347",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46357",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21205",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21205",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016347",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21205",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21205",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016347",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46357",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2275",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21205",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21205"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21205"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21205"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR EX2700 is a wireless network signal extender. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21205"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21205"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21205",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2275",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21205",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21205"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21205"
          }
        ]
      },
      "id": "VAR-202004-1716",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          }
        ],
        "trust": 1.3238750114285716
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:25:32.220000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2568",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055144/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2568"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46357)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276311"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117367"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21205"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21205"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055144/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2568"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21205"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21205"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21205"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21205"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21205"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21205"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          },
          {
            "date": "2020-04-28T16:15:13.497000",
            "db": "NVD",
            "id": "CVE-2018-21205"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46357"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21205"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          },
          {
            "date": "2024-11-21T04:03:10.330000",
            "db": "NVD",
            "id": "CVE-2018-21205"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016347"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2275"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1692

    Vulnerability from variot - Updated: 2024-11-23 22:05

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.28, EX2700 before 1.0.1.32, EX6200v2 before 1.0.1.56, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.52, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR D7800 is a wireless modem. NETGEAR EX2700 is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.28, EX2700 prior to 1.0.1.32, EX6200v2 prior to 1.0.1.56, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.52, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1692",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.42"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21181"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          }
        ]
      },
      "cve": "CVE-2018-21181",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2018-21181",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016365",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-28241",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2018-21181",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2018-21181",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016365",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21181",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21181",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016365",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28241",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2240",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21181",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21181"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21181"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21181"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.28, EX2700 before 1.0.1.32, EX6200v2 before 1.0.1.56, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.52, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR D7800 is a wireless modem. NETGEAR EX2700 is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.28, EX2700 prior to 1.0.1.32, EX6200v2 prior to 1.0.1.56, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.52, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21181"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21181"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21181",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2240",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21181",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21181"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21181"
          }
        ]
      },
      "id": "VAR-202004-1692",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          }
        ],
        "trust": 1.3353913524999999
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:05:39.936000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2618",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055177/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2618"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28241)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217491"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117734"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21181"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21181"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055177/security-advisory-for-post-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2618"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21181"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21181"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21181"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21181"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21181"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21181"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          },
          {
            "date": "2020-04-28T13:15:12.480000",
            "db": "NVD",
            "id": "CVE-2018-21181"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28241"
          },
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21181"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          },
          {
            "date": "2024-11-21T04:03:06.550000",
            "db": "NVD",
            "id": "CVE-2018-21181"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016365"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2240"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0785

    Vulnerability from variot - Updated: 2024-11-23 21:59

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, DM200 before 1.0.0.58, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0785",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.180"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.136"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.136"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.75"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "dm200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.72"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.136"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.136"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.32"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.70"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.72"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dm200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "aircut",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20723",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2019-20723",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.2,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015409",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CNVD-2021-61056",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20723",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.9,
                "id": "CVE-2019-20723",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015409",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20723",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20723",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015409",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-61056",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1307",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, DM200 before 1.0.0.58, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20723",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "id": "VAR-202004-0785",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          }
        ],
        "trust": 1.1791139654166667
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:59:21.256000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2018-0146",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061205/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0146"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61056)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/285371"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114817"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20723"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061205/security-advisory-for-post-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2018-0146"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20723"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "date": "2020-04-16T19:15:25.337000",
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-11T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-61056"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          },
          {
            "date": "2024-11-21T04:39:11.273000",
            "db": "NVD",
            "id": "CVE-2019-20723"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015409"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1307"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1463

    Vulnerability from variot - Updated: 2024-11-23 21:51

    plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX6150, etc. are all products of NETGEAR. NETGEAR EX6150 is a wireless network signal extender. NETGEAR D7000 is a wireless modem. NETGEAR WNDR3700 is a wireless router. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send an unexpected request to the server through the affected client. This affects D1500 prior to 1.0.0.25, D500 prior to 1.0.0.25, D6100 prior to 1.0.0.55, D7000 prior to 1.0.1.50, D7800 prior to 1.0.1.28, EX6100v2 prior to 1.0.1.60, EX6150v2 prior to 1.0.1.60, JNR1010v2 prior to 1.1.0.46, JR6150 prior to 1.0.1.16, JWNR2010v5 prior to 1.1.0.46, PR2000 prior to 1.0.0.18, R6020 prior to 1.0.0.26, R6050 prior to 1.0.1.16, R6080 prior to 1.0.0.26, R6100 prior to 1.0.1.20, R6220 prior to 1.1.0.60, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.40, WNDR3700v5 prior to 1.1.0.48, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.46, WNR2000v5 prior to 1.0.0.62, WNR2020 prior to 1.1.0.46, and WNR2050 prior to 1.1.0.46

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1463",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "d1500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.25"
          },
          {
            "model": "d500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.25"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.25"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.25"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.53"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "ex6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.34 1.0.70"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "ex6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.54"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.17"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.17"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10j"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.1"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2020",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr2020",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr2020",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr2050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr2050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18703"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d1500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          }
        ]
      },
      "cve": "CVE-2017-18703",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-18703",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014997",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-28013",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18703",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18703",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014997",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18703",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18703",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014997",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-28013",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2123",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2017-18703",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18703"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18703"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX6150, etc. are all products of NETGEAR. NETGEAR EX6150 is a wireless network signal extender. NETGEAR D7000 is a wireless modem. NETGEAR WNDR3700 is a wireless router. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send an unexpected request to the server through the affected client. This affects D1500 prior to 1.0.0.25, D500 prior to 1.0.0.25, D6100 prior to 1.0.0.55, D7000 prior to 1.0.1.50, D7800 prior to 1.0.1.28, EX6100v2 prior to 1.0.1.60, EX6150v2 prior to 1.0.1.60, JNR1010v2 prior to 1.1.0.46, JR6150 prior to 1.0.1.16, JWNR2010v5 prior to 1.1.0.46, PR2000 prior to 1.0.0.18, R6020 prior to 1.0.0.26, R6050 prior to 1.0.1.16, R6080 prior to 1.0.0.26, R6100 prior to 1.0.1.20, R6220 prior to 1.1.0.60, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.20, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.40, WNDR3700v5 prior to 1.1.0.48, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.46, WNR2000v5 prior to 1.0.0.62, WNR2020 prior to 1.1.0.46, and WNR2050 prior to 1.1.0.46",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18703"
          }
        ],
        "trust": 1.35
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18703",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2123",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18703",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18703"
          }
        ]
      },
      "id": "VAR-202004-1463",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          }
        ],
        "trust": 1.1831706938709678
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:51:30.493000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Cross-Site Request Forgery on Some Routers, Gateways, and Extenders, PSV-2017-0736",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000053199/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0736"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site request forgery vulnerabilities",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/217287"
          },
          {
            "title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117046"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18703"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18703"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000053199/security-advisory-for-cross-site-request-forgery-on-some-routers-gateways-and-extenders-psv-2017-0736"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18703"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/352.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18703"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "db": "VULMON",
            "id": "CVE-2017-18703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18703"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18703"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          },
          {
            "date": "2020-04-24T15:15:12.537000",
            "db": "NVD",
            "id": "CVE-2017-18703"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-28013"
          },
          {
            "date": "2020-05-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2017-18703"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          },
          {
            "date": "2024-11-21T03:20:42.307000",
            "db": "NVD",
            "id": "CVE-2017-18703"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site request forgery vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014997"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2123"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1717

    Vulnerability from variot - Updated: 2024-11-23 21:51

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1717",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21206"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3000rp_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn3100rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          }
        ]
      },
      "cve": "CVE-2018-21206",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21206",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016348",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46358",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21206",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21206",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016348",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21206",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21206",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016348",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46358",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2274",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21206",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21206"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21206"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21206"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21206",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2274",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21206",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21206"
          }
        ]
      },
      "id": "VAR-202004-1717",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          }
        ],
        "trust": 1.3238750114285716
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:51:30.166000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2567",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055143/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2567"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46358)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276316"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117366"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21206"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21206"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055143/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2567"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21206"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21206"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21206"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21206"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21206"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          },
          {
            "date": "2020-04-28T16:15:13.543000",
            "db": "NVD",
            "id": "CVE-2018-21206"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46358"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21206"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          },
          {
            "date": "2024-11-21T04:03:10.490000",
            "db": "NVD",
            "id": "CVE-2018-21206"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016348"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2274"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1653

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1653",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "r900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "ex2700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r9000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.28"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.30"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7800",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.38"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wn2000rpt",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wn3000rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "wn3100rp",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21207"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21207"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex2700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r9000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2000rpt_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          }
        ]
      },
      "cve": "CVE-2018-21207",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21207",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016339",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-46560",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21207",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21207",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016339",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21207",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21207",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016339",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-46560",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2277",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21207",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21207"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21207"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21207"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21207"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21207"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21207",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2277",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21207",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21207"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21207"
          }
        ]
      },
      "id": "VAR-202004-1653",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          }
        ],
        "trust": 1.29708041
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:53.335000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2566",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055142/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2566"
          },
          {
            "title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-46560)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/276326"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117369"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21207"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21207"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055142/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2566"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21207"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21207"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21207"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21207"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21207"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21207"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          },
          {
            "date": "2020-04-28T16:15:13.700000",
            "db": "NVD",
            "id": "CVE-2018-21207"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-46560"
          },
          {
            "date": "2020-05-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21207"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          },
          {
            "date": "2024-11-21T04:03:10.640000",
            "db": "NVD",
            "id": "CVE-2018-21207"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016339"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2277"
          }
        ],
        "trust": 0.6
      }
    }