CVE-2017-18761
Description
NETGEAR R8000 devices before 1.0.4.2 are affected by a stack-based buffer overflow by an authenticated user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR R8000 routers running firmware before 1.0.4.2 contain a post-authentication stack-based buffer overflow that allows an authenticated attacker to execute arbitrary code.
Vulnerability
A stack-based buffer overflow vulnerability exists in NETGEAR R8000 routers running firmware versions prior to 1.0.4.2. The flaw is triggered after authentication, meaning an attacker must have valid credentials to reach the vulnerable code path. [1]
Exploitation
An authenticated attacker can exploit this vulnerability by sending a specially crafted request to the affected device. The advisory does not specify the exact input vector, but the overflow occurs in a stack buffer during processing of the malicious request. [1]
Impact
Successful exploitation allows the attacker to execute arbitrary code on the device with elevated privileges. The CVSS v3 score of 6.8 (Medium) with vector AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H indicates high impact on confidentiality, integrity, and availability. [1]
Mitigation
NETGEAR released firmware version 1.0.4.2 to address this vulnerability. Users should update their R8000 routers to the latest firmware available from NETGEAR Support. No workarounds are documented. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.