CVE-2018-21189

Vulnerability

A stack-based buffer overflow vulnerability exists in the firmware of several NETGEAR routers and gateways. The flaw is triggered by an authenticated user and affects the following models and firmware versions: D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62 [1].

Exploitation

An attacker must first obtain valid credentials for the device's administrative interface. Once authenticated, the attacker can send a specially crafted request to the vulnerable component, causing a stack-based buffer overflow. The advisory does not detail the exact input vector, but the vulnerability is reachable through the web-based management interface [1].

Impact

Successful exploitation allows the attacker to execute arbitrary code on the device with elevated privileges. This can lead to full compromise of the router or gateway, including disclosure of sensitive information, modification of device configuration, and denial of service. The CVSS v3 score is 6.8 (Medium) with a vector of AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H [1].

Mitigation

NETGEAR has released fixed firmware versions for all affected models. Users should update to the latest firmware as soon as possible: D6100 to 1.0.0.57, R6100 to 1.0.1.20, R7800 to 1.0.2.40, R9000 to 1.0.2.52, WNDR3700v4 to 1.0.2.92, WNDR4300 to 1.0.2.94, WNDR4300v2 to 1.0.0.50, WNDR4500v3 to 1.0.0.50, and WNR2000v5 to 1.0.0.62. No workarounds are provided; updating firmware is the only recommended mitigation [1].