CVE-2017-18724
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow that can be exploited by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stack-based buffer overflow in multiple NETGEAR routers allows an unauthenticated attacker on the local network to execute arbitrary code.
Vulnerability
A stack-based buffer overflow vulnerability exists in the pre-authentication code path of several NETGEAR router models. The flaw affects the following devices running firmware versions prior to the indicated fixed releases: D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. The vulnerability is reachable without any authentication, as it occurs before the login process [1].
Exploitation
An unauthenticated attacker with adjacent network access (CVSS v3 vector AV:A) can exploit this vulnerability by sending a specially crafted packet to the affected device. No user interaction or prior authentication is required. The exact sequence of steps is not publicly detailed, but the advisory confirms that the overflow can be triggered remotely from the local network [1].
Impact
Successful exploitation allows the attacker to execute arbitrary code with elevated privileges, leading to full compromise of confidentiality, integrity, and availability. The CVSS v3 base score is 8.8 (High), with the vector indicating high impact to all three security objectives [1].
Mitigation
NETGEAR has released fixed firmware versions for all affected models: D6200 firmware version 1.1.00.24, R6700v2 firmware version 1.1.0.42, R6800 firmware version 1.1.0.42, and R6900v2 firmware version 1.1.0.42. Users are strongly advised to download and install the latest firmware from the NETGEAR Support website. No workarounds are provided; updating to the patched version is the only recommended mitigation [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
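A firmware inventory check against the fixed releases listed under Mitigation, added here as an example; it is not code from NETGEAR or from this CVE record. The inventory rows, host names, the leading `V` and the `_build` suffix handling are assumptions about how versions appear in an asset export.

```python
import re

# Fixed releases exactly as stated in the CVE description above.
FIXED = {
    "D6200": "1.1.00.24",
    "R6700v2": "1.1.0.42",
    "R6800": "1.1.0.42",
    "R6900v2": "1.1.0.42",
}

def parse_version(text):
    """Return the dotted firmware version as a tuple of ints.

    Assumption: an optional leading 'V' and anything after the first
    underscore (a build suffix) are ignored for the comparison.
    """
    core = text.strip().lstrip("Vv").split("_", 1)[0]
    if not re.fullmatch(r"\d+(\.\d+)*", core):
        raise ValueError(f"unrecognised firmware version: {text!r}")
    # int() makes "00" equal to "0", so 1.1.00.24 compares as (1, 1, 0, 24).
    return tuple(int(part) for part in core.split("."))

def normalise_model(model):
    # Hardware revision matters: R6700v2 is listed, plain R6700 is not.
    name = model.strip().upper().replace(" ", "")
    return re.sub(r"V(\d+)$", r"v\1", name)

def triage(inventory):
    """Classify (host, model, firmware) rows against FIXED."""
    results = {}
    for host, model, firmware in inventory:
        fixed = FIXED.get(normalise_model(model))
        if fixed is None:
            # Not named in this CVE; says nothing about other advisories.
            results[host] = "not-listed"
            continue
        try:
            current = parse_version(firmware)
        except ValueError:
            results[host] = "unknown-version"  # needs a manual look
            continue
        results[host] = "vulnerable" if current < parse_version(fixed) else "fixed"
    return results

# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE = [
    ("gw-lab", "R6700v2", "V1.1.0.38_1.0.1"),
    ("gw-office", "r6800", "1.1.0.42"),
    ("gw-dsl", "D6200", "1.1.00.9"),
    ("gw-old", "R6700", "1.0.1.22"),
    ("gw-odd", "R6900v2", "unknown"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Rows reported as `unknown-version` should be checked by hand rather than treated as fixed.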
Affected products (5)
- NETGEAR/D6200
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.