CVE-2018-21133
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.0.17 and WAC510 before 5.0.0.17.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR WAC505 and WAC510 access points are vulnerable to a pre-authentication stack-based buffer overflow, allowing an unauthenticated attacker on the adjacent network to achieve code execution.
Vulnerability
A stack-based buffer overflow vulnerability exists in the pre-authentication process of NETGEAR WAC505 and WAC510 wireless access points running firmware versions prior to 5.0.0.17. The flaw allows an unauthenticated attacker to trigger the overflow by sending specially crafted packets to the device. [1]
Exploitation
An attacker with network access to the device (adjacent network) can exploit this vulnerability by sending a crafted packet without any authentication. No user interaction is required, and the attack complexity is low. [1]
Impact
Successful exploitation leads to complete compromise of confidentiality, integrity, and availability, as indicated by a CVSS v3 score of 8.8 with High impact on all CIA triad elements. The attacker can execute arbitrary code with high privileges. [1]
Mitigation
NETGEAR has released firmware version 5.0.0.17 to fix this issue. Users should download and install the latest firmware from NETGEAR Support for their specific model (WAC505 or WAC510). No workaround is available. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- NETGEAR/NETGEAR devicesdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.