VYPR
Unrated severity · NVD Advisory · Published Apr 28, 2020 · Updated Aug 5, 2024

CVE-2018-21183

Description

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, and WNDR4300 before 1.0.2.94.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Authenticated users can trigger a stack-based buffer overflow on certain NETGEAR routers, potentially leading to code execution.

Vulnerability

A stack-based buffer overflow vulnerability exists in the firmware of several NETGEAR router models, including R7800 (before 1.0.2.40), R9000 (before 1.0.2.52), WNDR3700v4 (before 1.0.2.92), and WNDR4300 (before 1.0.2.94) [1]. The issue is triggered after authentication, meaning the attacker must have valid credentials to an administrative interface or other authenticated service on the device.

Exploitation

To exploit this vulnerability, an attacker must first authenticate to the affected device. Once authenticated, the attacker sends a specially crafted request that causes a stack-based buffer overflow. No user interaction or additional privileges beyond those of the authenticated user are required. The CVSS vector indicates network adjacency is required (AV:A), meaning the attacker should be on the same network segment as the device [1].

Impact

Successful exploitation of the stack-based buffer overflow can allow the attacker to gain arbitrary code execution on the device, potentially leading to full compromise of the router. The CVSS v3 score of 6.8 (Medium) with CIA impact ratings of High/High/High indicates significant potential for information disclosure, data integrity loss, and service disruption [1].

Mitigation

NETGEAR has released fixed firmware versions for all affected models: R7800 firmware version 1.0.2.40, R9000 firmware version 1.0.2.52, WNDR3700v4 firmware version 1.0.2.92, and WNDR4300 firmware version 1.0.2.94 [1]. Users should download and install the latest firmware from NETGEAR Support as soon as possible [1]. There are no known workarounds other than applying the firmware update; keeping the device firmware up to date prevents exploitation of this vulnerability.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
