Netgear Products Remote Code Execution Vulnerability
Release Date:
12 Nov 2021
5429
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
A vulnerability was identified in Netgear Products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Impact
- Remote Code Execution
System / Technologies affected
- EX3700 running firmware versions prior to 1.0.0.94
- EX3800 running firmware versions prior to 1.0.0.94
- EX6120 running firmware versions prior to 1.0.0.66
- EX6130 running firmware versions prior to 1.0.0.66
- R6400 running firmware versions prior to 1.0.1.76
- R6400v2 running firmware versions prior to 1.0.4.120
- R6700v3 running firmware versions prior to 1.0.4.120
- R6900P running firmware versions prior to 1.3.3.142_HOTFIX
- R7000 running firmware versions prior to 1.0.11.128
- R7000P running firmware versions prior to 1.3.3.142_HOTFIX
- R7100LG running firmware versions prior to 1.0.0.72
- R7850 running firmware versions prior to 1.0.5.76
- R7900P running firmware versions prior to 1.4.2.84
- R7960P running firmware versions prior to 1.4.2.84
- R8000 running firmware versions prior to 1.0.4.76
- R8000P running firmware versions prior to 1.4.2.84
- R8300 running firmware versions prior to 1.0.2.156
- R8500 running firmware versions prior to 1.0.2.156
- RAX15 running firmware versions prior to 1.0.4.100
- RAX20 running firmware versions prior to 1.0.4.100
- RAX200 running firmware versions prior to 1.0.5.132
- RAX35v2 running firmware versions prior to 1.0.4.100
- RAX38v2 running firmware versions prior to 1.0.4.100
- RAX40v2 running firmware versions prior to 1.0.4.100
- RAX42 running firmware versions prior to 1.0.4.100
- RAX43 running firmware versions prior to 1.0.4.100
- RAX45 running firmware versions prior to 1.0.4.100
- RAX48 running firmware versions prior to 1.0.4.100
- RAX50 running firmware versions prior to 1.0.4.100
- RAX50S running firmware versions prior to 1.0.4.100
- RAX75 running firmware versions prior to 1.0.5.132
- RAX80 running firmware versions prior to 1.0.5.132
- RAXE450 running firmware versions prior to 1.0.8.70
- RAXE500 running firmware versions prior to 1.0.8.70
- RS400 running firmware versions prior to 1.5.1.80
- WNDR3400v3 running firmware versions prior to 1.0.1.42
- WNR3500Lv2 running firmware versions prior to 1.2.0.70
- XR300 running firmware versions prior to 1.0.3.68
- D6220 running firmware versions prior to 1.0.0.76
- D6400 running firmware versions prior to 1.0.0.108
- D7000v2 running firmware versions prior to 1.0.0.76
- DGN2200v4 running firmware versions prior to 1.0.0.126
- DC112A running firmware versions prior to 1.0.0.62
- CAX80 running firmware versions prior to 2.1.3.5
Solutions
Before installation of the software, please visit the vendor's web-site for more details.
- Apply fixes issued by the vendor:
- Upgrade EX3700 firmware to version 1.0.0.94
- Upgrade EX3800 firmware to version 1.0.0.94
- Upgrade EX6120 firmware to version 1.0.0.66
- Upgrade EX6130 firmware to version 1.0.0.66
- Upgrade R6400 firmware to version 1.0.1.76
- Upgrade R6400v2 firmware to version 1.0.4.120
- Upgrade R6700v3 firmware to version 1.0.4.120
- Upgrade R6900P firmware to version 1.3.3.142_HOTFIX
- Upgrade R7000 firmware to version 1.0.11.128
- Upgrade R7000P firmware to version 1.3.3.142_HOTFIX
- Upgrade R7100LG firmware to version 1.0.0.72
- Upgrade R7850 firmware to version 1.0.5.76
- Upgrade R7900P firmware to version 1.4.2.84
- Upgrade R7960P firmware to version 1.4.2.84
- Upgrade R8000 firmware to version 1.0.4.76
- Upgrade R8000P firmware to version 1.4.2.84
- Upgrade R8300 firmware to version 1.0.2.156
- Upgrade R8500 firmware to version 1.0.2.156
- Upgrade RAX15 firmware to version 1.0.4.100
- Upgrade RAX20 firmware to version 1.0.4.100
- Upgrade RAX200 firmware to version 1.0.5.132
- Upgrade RAX35v2 firmware to version 1.0.4.100
- Upgrade RAX38v2 firmware to version 1.0.4.100
- Upgrade RAX40v2 firmware to version 1.0.4.100
- Upgrade RAX42 firmware to version 1.0.4.100
- Upgrade RAX43 firmware to version 1.0.4.100
- Upgrade RAX45 firmware to version 1.0.4.100
- Upgrade RAX48 firmware to version 1.0.4.100
- Upgrade RAX50 firmware to version 1.0.4.100
- Upgrade RAX50S firmware to version 1.0.4.100
- Upgrade RAX75 firmware to version 1.0.5.132
- Upgrade RAX80 firmware to version 1.0.5.132
- Upgrade RAXE450 firmware to version 1.0.8.70
- Upgrade RAXE500 firmware to version 1.0.8.70
- Upgrade RS400 firmware to version 1.5.1.80
- Upgrade WNDR3400v3 firmware to version 1.0.1.42
- Upgrade WNR3500Lv2 firmware to version 1.2.0.70
- Upgrade XR300 firmware to version 1.0.3.68
- Upgrade D6220 firmware to version 1.0.0.76
- Upgrade D6400 firmware to version 1.0.0.108
- Upgrade D7000v2 firmware to version 1.0.0.76
- Upgrade DGN2200v4 firmware to version 1.0.0.126
- Upgrade DC112A firmware to version 1.0.0.62
- Upgrade CAX80 firmware to version 2.1.3.5
- https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168#
Vulnerability Identifier
Source
Related Link
Related Tags
Share with