CVE-2018-21170
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow that can be triggered by an unauthenticated attacker. This affects EX2700 before 1.0.1.28, R7800 before 1.0.2.40, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stack-based buffer overflow in multiple NETGEAR devices allows an unauthenticated attacker to execute arbitrary code.
Vulnerability
A stack-based buffer overflow vulnerability exists in the firmware of several NETGEAR devices, including EX2700 before 1.0.1.28, R7800 before 1.0.2.40, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56 [1]. The vulnerability is present in the pre-authentication code path, allowing an unauthenticated attacker to trigger the overflow without any credentials [1].
Exploitation
An unauthenticated attacker on the same network (adjacent) can send a specially crafted packet to the vulnerable device, causing a stack-based buffer overflow [1]. The CVSS vector indicates low attack complexity and no user interaction required (AV:A/AC:L/PR:N/UI:N) [1]. The attacker does not need any prior authentication or access to the device.
Impact
Successful exploitation allows the attacker to achieve arbitrary code execution on the device, potentially gaining full control [1]. The CVSS score of 8.8 (High) reflects high impact on confidentiality, integrity, and availability (C:H/I:H/A:H) [1].
Mitigation
NETGEAR has released firmware updates to fix the vulnerability: EX2700 version 1.0.1.28, R7800 version 1.0.2.40, WN2000RPTv3 version 1.0.1.20, WN3000RPv3 version 1.0.2.50, and WN3100RPv2 version 1.0.0.56 [1]. Users should download and install the latest firmware from NETGEAR Support. There is no workaround; updating the firmware is the only mitigation [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (4)
- NETGEAR/devices
  - Range: <1.0.1.20
Patches
No patches discovered yet.
References (1)
News mentions
No linked articles in our index yet.