CVE-2017-18770
Description
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R7800 before 1.0.2.36, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A post-authentication buffer overflow in multiple NETGEAR devices (R7800, PLW1000v2, PLW1010v2) could allow an authenticated attacker to execute arbitrary code or cause a denial of service.
Vulnerability
A buffer overflow vulnerability exists in the firmware of certain NETGEAR devices, including the R7800 router and PLW1000v2/PLW1010v2 powerline adapters. The flaw is triggered after authentication, requiring the attacker to have valid credentials. Affected firmware versions are R7800 prior to 1.0.2.36, PLW1000v2 prior to 1.0.0.14, and PLW1010v2 prior to 1.0.0.14 [1].
Exploitation
An attacker must have valid credentials for the device and be on the same local network (adjacent network). With these prerequisites, the attacker can send a specially crafted request that triggers a buffer overflow, potentially leading to arbitrary code execution or denial of service [1].
Impact
Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges, read sensitive information, or cause a denial of service. The CVSS v3 score is 6.8 (High) with vector AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, indicating high impact on confidentiality, integrity, and availability [1].
Mitigation
NETGEAR has released firmware updates to address this vulnerability. Users should update to R7800 firmware version 1.0.2.36 or later, PLW1000v2 firmware version 1.0.0.14 or later, and PLW1010v2 firmware version 1.0.0.14 or later. No workarounds are provided; updating is the only mitigation [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (4)
- NETGEAR/NETGEAR devices (description)
References (1)