VYPR
← All advisories
Medium severity6.8NVD Advisory· Published Sep 15, 2017· Updated May 13, 2026

CVE-2017-10814

CVE-2017-10814

Description

Buffer overflow in CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary code via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A buffer overflow in CG-WLR300NM firmware 1.90 and earlier allows an administrative user to execute arbitrary code via unspecified vectors.

Vulnerability

A buffer overflow vulnerability (CWE-119) exists in CG-WLR300NM wireless LAN router firmware version 1.90 and earlier [1]. The flaw resides in an unspecified component reachable through the administrative console [1]. The product is end-of-life and no longer supported [1].

Exploitation

An attacker must be on the same adjacent network and have administrative credentials to access the device's management interface [1]. The attack complexity is low; no user interaction is required beyond the authenticated session. The exact sequence of inputs triggering the overflow has not been publicly disclosed [1].

Impact

Successful exploitation allows the attacker to execute arbitrary code on the device with the full privileges of the administrative console [1]. This can lead to complete compromise of confidentiality, integrity, and availability of the router and potentially the network it serves [1].

Mitigation

Corega Inc. has no plan to release a fix because the CG-WLR300NM is end-of-life and no longer supported [1]. The only mitigation advised by JPCERT/CC is to stop using the device entirely and replace it with a supported alternative [1].

References
  1. JVN#00719891: Multiple vulnerabilities in CG-WLR300NM

AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Corega/Cg Wlr300nmllm-fuzzy2 versions
    <=1.90+ 1 more
    • (no CPE)range: <=1.90
    • (no CPE)range: Firmware version 1.90 and earlier

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.