CVE-2017-18750
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR D6200, R6700v2, R6800, and R6900v2 routers had a pre-authentication stack buffer overflow allowing unauthenticated attackers to execute arbitrary code.
Vulnerability
A stack-based buffer overflow vulnerability exists in certain NETGEAR devices, including D6200 before firmware version 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. The flaw is present in a pre-authentication code path and can be triggered without any authentication [1].
Exploitation
An unauthenticated attacker on the same adjacent network can craft a malicious network request to exploit this stack overflow. The attack requires no privileges and no user interaction, with low complexity [1]. The exploit involves sending a carefully crafted payload to cause a buffer overflow.
Impact
Successful exploitation allows the attacker to execute arbitrary code with high impact on confidentiality, integrity, and availability. The CVSS v3 score is 8.8 (High), indicating full compromise of the affected device [1].
Mitigation
NETGEAR has released firmware fixes for all affected models. Users should upgrade D6200 to version 1.1.00.24, and R6700v2, R6800, and R6900v2 to version 1.1.0.42 [1]. No workaround is available; installing the latest firmware is the only mitigation.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- NETGEAR/D6200description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.