CVE-2017-18729

Vulnerability

A stack-based buffer overflow vulnerability exists in the firmware of several NETGEAR devices, including D6200 (before 1.1.00.24), R6020 (before 1.0.0.30), R6080 (before 1.0.0.30), R6120 (before 1.0.0.36), R6700v2 (before 1.1.0.42), R6800 (before 1.1.0.42), and R6900v2 (before 1.1.0.42). The vulnerability can be triggered pre-authentication, meaning no credentials are required to exploit it [1].

Exploitation

An unauthenticated attacker with network access (adjacent network according to the CVSS vector) can send a specially crafted packet to the affected device, causing a stack-based buffer overflow. No user interaction is required [1].

Impact

Successful exploitation allows an attacker to execute arbitrary code on the device with high privileges, leading to complete compromise of confidentiality, integrity, and availability (CVSS v3 score 8.8, vector AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) [1].

Mitigation

NETGEAR has released firmware updates to fix this vulnerability. Users should upgrade to the following versions or later: D6200 (1.1.00.24), R6020 (1.0.0.30), R6080 (1.0.0.30), R6120 (1.0.0.36), R6700v2 (1.1.0.42), R6800 (1.1.0.42), R6900v2 (1.1.0.42). No workarounds are available [1].