CVE-2017-18719

Vulnerability

A stack-based buffer overflow vulnerability exists in the firmware of several NETGEAR routers, including D6200 (before 1.1.00.24), R6020 (before 1.0.0.26), R6080 (before 1.0.0.26), R6700v2 (before 1.1.0.42), R6800 (before 1.1.0.42), and R6900v2 (before 1.1.0.42) [1]. The vulnerability is triggered pre-authentication, meaning no credentials are required to reach the vulnerable code path.

Exploitation

An unauthenticated attacker on the same network (adjacent) can send a specially crafted request to the affected device, causing a stack buffer overflow. The CVSS vector indicates low attack complexity and no user interaction required [1]. The exact sequence of steps is not detailed in the advisory, but the overflow occurs before authentication.

Impact

Successful exploitation allows an attacker to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. The CVSS score is 8.8 (High) [1]. The attacker gains full control of the device.

Mitigation

NETGEAR has released fixed firmware versions for all affected models: D6200 firmware 1.1.00.24, R6020 firmware 1.0.0.26, R6080 firmware 1.0.0.26, R6700v2 firmware 1.1.0.42, R6800 firmware 1.1.0.42, and R6900v2 firmware 1.1.0.42 [1]. Users should update to the latest firmware via the NETGEAR Support page. No workaround is provided; the only mitigation is applying the firmware update.