CVE-2017-18744

Vulnerability

A pre-authentication buffer overflow vulnerability exists in several NETGEAR router models, including R6250, R6300v2, R6700, R6900, R7000, R7900, R8000, and R8500. Affected firmware versions are: R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74 [1]. The vulnerability can be triggered without authentication.

Exploitation

An unauthenticated attacker on the local network can exploit the buffer overflow by sending a specially crafted request to the affected device. No user interaction is required [1].

Impact

Successful exploitation allows an attacker to execute arbitrary code with high privileges, potentially leading to full compromise of the device, including disclosure of sensitive information, modification of data, and disruption of service [1].

Mitigation

NETGEAR has released firmware updates to fix this vulnerability. Users should download and install the latest firmware for their specific model from NETGEAR Support as soon as possible. The fixed versions are: R6250 1.0.4.12, R6300v2 1.0.4.12, R6700 1.0.1.22, R6900 1.0.1.22, R7000 1.0.9.4, R7900 1.0.1.12, R8000 1.0.3.24, and R8500 1.0.2.74 [1].