VYPR
Unrated severity · NVD Advisory · Published Apr 28, 2020 · Updated Aug 5, 2024

CVE-2018-21203

Description

Certain NETGEAR devices are affected by a stack-based buffer overflow that can be triggered by an unauthenticated attacker. This affects R6100 before 1.0.1.20, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A stack-based buffer overflow in several NETGEAR routers allows unauthenticated, adjacent attackers to achieve remote code execution.

Vulnerability

A stack-based buffer overflow vulnerability exists in the pre-authentication processing of several NETGEAR routers [1]. Affected devices include the R6100 before firmware version 1.0.1.20, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50 [1]. The vulnerability can be triggered from the adjacent network without any prior authentication.

Exploitation

An unauthenticated attacker with adjacent network access can send a specially crafted packet to the affected router to trigger the stack-based buffer overflow [1]. The CVSS v3 vector (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) confirms that no authentication or user interaction is required, and the attack complexity is low [1].

Impact

Successful exploitation allows an attacker to achieve a full compromise of confidentiality, integrity, and availability, potentially leading to remote code execution on the affected device [1]. The CVSS score of 8.8 (High) reflects this impact.

Mitigation

NETGEAR has released fixed firmware versions for all affected models: R6100 1.0.1.20, R9000 1.0.2.52, WNDR3700v4 1.0.2.96, WNDR4300 1.0.2.98, WNDR4300v2 1.0.0.50, and WNDR4500v3 1.0.0.50 [1]. Users should update their device firmware immediately. There is no known workaround; the only mitigation is to apply the available patches [1].
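To find devices that still need the update, the fixed versions above can be checked against an asset inventory. The following is an added example, not code from NETGEAR or from this advisory; the inventory rows, hostnames and the handling of a `V` prefix or trailing suffix in version strings are assumptions made for illustration.

```python
import re

# Fixed firmware versions per model, taken from the advisory text above.
FIXED = {
    "R6100": "1.0.1.20",
    "R9000": "1.0.2.52",
    "WNDR3700V4": "1.0.2.96",
    "WNDR4300": "1.0.2.98",
    "WNDR4300V2": "1.0.0.50",
    "WNDR4500V3": "1.0.0.50",
}

def parse_version(text):
    """Return the leading dotted version as a tuple of ints, or None.
    Assumption: strings may carry a 'V' prefix or a suffix such as
    '_1.0.23'; only the leading numeric part is compared."""
    m = re.match(r"\s*[Vv]?(\d+(?:\.\d+)+)", text or "")
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def assess(model, firmware):
    """Classify one device: 'not-listed', 'unknown-version', 'vulnerable' or 'fixed'."""
    key = re.sub(r"[\s-]", "", model).upper()
    if key not in FIXED:
        return "not-listed"
    have = parse_version(firmware)
    if have is None:
        return "unknown-version"
    need = parse_version(FIXED[key])
    # Tuple comparison is numeric per component, so 1.0.2.100 > 1.0.2.98,
    # which a plain string comparison would get wrong.
    return "vulnerable" if have < need else "fixed"

# Constructed sample inventory (hostname, model, reported firmware).
INVENTORY = [
    ("branch-gw-01", "R9000", "V1.0.2.40"),
    ("branch-gw-02", "WNDR4300", "1.0.2.100"),
    ("lab-ap-03", "wndr3700v4", "V1.0.2.96_1.0.23"),
    ("home-rt-04", "WNDR4300v2", "1.0.0.48"),
    ("core-sw-05", "R7000", "1.0.9.88"),
    ("spare-06", "R6100", "unknown"),
]

def audit(inventory):
    """Return {hostname: status} for every device in the inventory."""
    return {host: assess(model, fw) for host, model, fw in inventory}

if __name__ == "__main__":
    for host, status in audit(INVENTORY).items():
        print(f"{host:14} {status}")
```

A `not-listed` result only means the model does not appear in this advisory; `unknown-version` devices should be checked by hand.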

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
