CVE-2022-27641
Severity CVSS v4.0:
Pending analysis
Type:
CWE-190
Integer Overflow or Wraparound
Publication date:
29/03/2023
Last modified:
05/04/2023
Description
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15806.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:* | 1.0.1.68 (excluding) | |
| cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:* | 1.0.1.90 (excluding) | |
| cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:* | 1.0.1.240 (excluding) | |
| cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:* | 1.1.0.112 (excluding) | |
| cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:* | 1.1.0.112 (excluding) | |
| cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:* | 1.0.4.122 (excluding) | |
| cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:* | 1.0.4.122 (excluding) | |
| cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:* | 1.0.11.130 (excluding) |
To consult the complete list of CPE names with products and versions, see this page