CVE-2017-18730
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow that can be triggered by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6120 before 1.0.0.36, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stack-based buffer overflow in several NETGEAR routers and gateways allows an attacker to achieve remote code execution prior to authentication.
Vulnerability
A stack-based buffer overflow vulnerability exists in the pre-authentication code path of several NETGEAR devices. This affects the D6200 (firmware before 1.1.00.24), R6020 (before 1.0.0.30), R6080 (before 1.0.0.30), R6120 (before 1.0.0.36), R6700v2 (before 1.1.0.42), R6800 (before 1.1.0.42), and R6900v2 (before 1.1.0.42) [1]. The vulnerability is reachable without prior authentication and is triggered by specially crafted network traffic.
Exploitation
The vulnerability can be exploited by an unauthenticated attacker with adjacent network access (AV:A) [1]. No privileges or user interaction are required. The attacker sends crafted packets to the vulnerable device, causing a stack-based buffer overflow before any authentication occurs.
Impact
Successful exploitation grants the attacker the ability to execute arbitrary code with high privileges, leading to complete compromise of confidentiality, integrity, and availability. The CVSS v3 score is 8.8 (High) with vector AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [1].
Mitigation
NETGEAR has released fixed firmware versions for all affected models: D6200 firmware 1.1.00.24, R6020 firmware 1.0.0.30, R6080 firmware 1.0.0.30, R6120 firmware 1.0.0.36, R6700v2 firmware 1.1.0.42, R6800 firmware 1.1.0.42, and R6900v2 firmware 1.1.0.42 [1]. Users should download and install the latest firmware from NETGEAR Support as recommended by the vendor. No workarounds have been provided.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
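An added example, not part of the advisory or any NETGEAR tooling: a Python check that compares a device inventory against the first fixed firmware versions listed under Mitigation. The CSV columns, host names and the `V`-prefixed version strings with `_` suffixes are assumptions about how an inventory reports firmware; a model given without its hardware revision (such as `R6700`) is flagged for manual review because only the v2 revision is listed.

```python
import csv
import io
import re

# First fixed firmware per model, copied from the advisory text.
FIXED = {
    "D6200": "1.1.00.24", "R6020": "1.0.0.30", "R6080": "1.0.0.30",
    "R6120": "1.0.0.36", "R6700v2": "1.1.0.42", "R6800": "1.1.0.42",
    "R6900v2": "1.1.0.42",
}
MODELS = {name.lower(): name for name in FIXED}

def parse_version(text):
    """'V1.1.0.42_1.0.1' or '1.1.00.24' -> tuple of ints from the leading dotted part."""
    match = re.match(r"\s*[Vv]?(\d+(?:\.\d+)*)", text)
    if not match:
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))

def status(model, firmware):
    name = model.strip().lower()
    if name not in MODELS:
        # 'R6700' alone could be the listed v2 hardware or another revision.
        ambiguous = name and any(m.startswith(name + "v") for m in MODELS)
        return "check-revision" if ambiguous else "not-listed"
    try:
        current = parse_version(firmware)
    except ValueError:
        return "unknown-version"
    fixed = parse_version(FIXED[MODELS[name]])
    width = max(len(current), len(fixed))
    pad = lambda v: v + (0,) * (width - len(v))  # compare '1.0' as '1.0.0.0'
    return "vulnerable" if pad(current) < pad(fixed) else "fixed"

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE = """host,model,firmware
gw-lobby,R6120,V1.0.0.30
gw-lab,D6200,1.1.00.24
gw-attic,R6700,V1.0.1.20
gw-shop,r6800,V1.1.0.42_1.0.1
gw-old,R7000,V1.0.9.88
gw-x,R6020,unknown
"""

def audit(csv_text):
    rows = csv.DictReader(io.StringIO(csv_text))
    return [(r["host"], status(r["model"], r["firmware"])) for r in rows]

if __name__ == "__main__":
    for host, result in audit(SAMPLE):
        print(f"{host:10} {result}")
```

Here `fixed` means the reported version is at or above the first fixed release for that model; `not-listed` only means the model is not named in this CVE.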
Affected products
8 - NETGEAR/NETGEAR devices (description)