← Zuruck zu CVEs
CVE-2021-38524
MEDIUM4.5
Beschreibung
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, and RBS750 before 3.2.16.6.
CVE Details
CVSS v3.1 Bewertung4.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht8/11/2021
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
netgear:mk62netgear:mk62_firmwarenetgear:mr60netgear:mr60_firmwarenetgear:ms60netgear:ms60_firmwarenetgear:rax15netgear:rax15_firmwarenetgear:rax20netgear:rax200netgear:rax200_firmwarenetgear:rax20_firmwarenetgear:rax45netgear:rax45_firmwarenetgear:rax50netgear:rax50_firmwarenetgear:rax75netgear:rax75_firmwarenetgear:rax80netgear:rax80_firmwarenetgear:rbk752netgear:rbk752_firmwarenetgear:rbr750netgear:rbr750_firmwarenetgear:rbs750netgear:rbs750_firmware
Schwachen (CWE)
CWE-787
Referenzen
https://kb.netgear.com/000063779/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0225(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.