CVE-2018-21174

Vulnerability

A stack-based buffer overflow vulnerability exists in the firmware of multiple NETGEAR routers and gateways. The flaw can be triggered by an authenticated user, allowing a buffer overflow on the stack. Affected models include D6100 (before 1.0.0.57), R7500 (before 1.0.0.122), R7800 (before 1.0.2.40), R9000 (before 1.0.2.52), WNDR3700v4 (before 1.0.2.92), WNDR4300 (before 1.0.2.94), WNDR4300v2 (before 1.0.0.50), WNDR4500v3 (before 1.0.0.50), and WNR2000v5 (before 1.0.0.62). [1]

Exploitation

An attacker must have valid credentials to the device's administrative interface and be on the same local network (adjacent network). The attacker can then send specially crafted input to the vulnerable component, causing a stack buffer overflow. [1]

Impact

Successful exploitation could allow the attacker to execute arbitrary code with root privileges, leading to full compromise of the device, including disclosure of sensitive information, modification of configuration, or denial of service. [1]

Mitigation

NETGEAR has released firmware updates to fix this vulnerability. Users should upgrade to the latest firmware versions as listed in the advisory: D6100 1.0.0.57, R7500 1.0.0.122, R7800 1.0.2.40, R9000 1.0.2.52, WNDR3700v4 1.0.2.92, WNDR4300 1.0.2.94, WNDR4300v2 1.0.0.50, WNDR4500v3 1.0.0.50, and WNR2000v5 1.0.0.62. No workarounds are available. [1]