CVE-2018-21205

Vulnerability

A stack-based buffer overflow vulnerability exists in the pre-authentication code path of several NETGEAR devices [1]. Affected models include D7800 (before 1.0.1.30), EX2700 (before 1.0.1.28), R6100 (before 1.0.1.20), R7500 (before 1.0.0.118), R7500v2 (before 1.0.3.24), R7800 (before 1.0.2.40), R9000 (before 1.0.2.52), WN2000RPTv3 (before 1.0.1.20), WN3000RPv3 (before 1.0.2.50), WN3100RPv2 (before 1.0.0.56), WNDR3700v4 (before 1.0.2.96), WNDR4300 (before 1.0.2.98), WNDR4300v2 (before 1.0.0.50), and WNDR4500v3 (before 1.0.0.50) [1]. The vulnerability is reachable without authentication, requiring no user interaction or special configuration.

Exploitation

An unauthenticated attacker on the same local network (adjacent) can exploit this flaw by sending a specially crafted packet to the affected device [1]. No authentication or prior access is needed. The CVSS v3 vector indicates the attack complexity is low and no user interaction is required [1]. Successful exploitation does not require any privileges on the device.

Impact

Successful exploitation allows an attacker to trigger a stack buffer overflow, potentially leading to arbitrary code execution on the device. The CVSS v3 score of 8.8 (High) reflects high impact on confidentiality, integrity, and availability [1]. An attacker could gain full control of the device, potentially enabling further network compromise.

Mitigation

NETGEAR has released fixed firmware versions for all affected models as noted in the advisory [1]. Users should upgrade to the latest firmware for their specific device model from the NETGEAR Support site [1]. No workarounds are provided; installation of the updated firmware is the only mitigation. There is no indication this CVE is listed in the KEV catalog.