CVE-2018-21165

Vulnerability

An unspecified denial of service vulnerability exists in the firmware of several NETGEAR router models. Affected devices include R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64 [1]. The vulnerability can be triggered by an authenticated user with administrative privileges.

Exploitation

An attacker must be on the same local network (adjacent) and possess valid administrative credentials for the router. With these, the attacker can send a crafted request to the router's management interface, causing the device to crash and become unresponsive [1]. No user interaction is required beyond the initial authentication.

Impact

Successful exploitation results in a denial of service, rendering the router unavailable for legitimate network traffic. The confidentiality and integrity of data are not affected, but availability is completely compromised until the device is manually rebooted [1].

Mitigation

NETGEAR has released fixed firmware versions for all affected models. Users should upgrade to the latest firmware as soon as possible: R6100 to 1.0.1.22 or later, R7500 to 1.0.0.122 or later, R7800 to 1.0.2.42 or later, R8900 and R9000 to 1.0.3.10 or later, WNDR3700v4 to 1.0.2.96 or later, WNDR4300 to 1.0.2.98 or later, WNDR4300v2 and WNDR4500v3 to 1.0.0.54 or later, and WNR2000v5 to 1.0.0.64 or later [1]. No workarounds are provided; the only mitigation is applying the firmware update.