VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 28, 2020· Updated Aug 5, 2024

CVE-2018-21220

CVE-2018-21220

Description

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Pre-authentication buffer overflow in multiple NETGEAR routers/gateways allows unauthenticated attackers within Wi-Fi range to achieve complete device compromise.

Vulnerability

A buffer overflow vulnerability exists in the firmware of multiple NETGEAR routers and gateways, accessible to an unauthenticated attacker. The affected models and the earliest fixed versions are: D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62 [1]. The vulnerability is triggered during the pre-authentication phase, meaning the attacker does not need to be logged in to the device's management interface.

Exploitation

An attacker with network access to the targeted device can send specially crafted packets to exploit the buffer overflow. Adjacent network proximity (e.g., within Wi-Fi range, AV:A) is required, but no authentication or user interaction is needed [1]. The exact protocol or service vulnerable is not detailed in the advisory, but the pre-authentication nature suggests the overflow occurs in a service that processes initial connection requests.

Impact

Successful exploitation results in arbitrary code execution with high privileges on the device. The CVSS v3 vector (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) indicates complete compromise of confidentiality, integrity, and availability, with no scope change [1]. The attacker could thus gain full control of the affected router or gateway.

Mitigation

NETGEAR has released firmware updates that fix this vulnerability. Users should immediately upgrade to the following versions or later: D3600 to 1.0.0.67, D6000 to 1.0.0.67, D6100 to 1.0.0.56, D7800 to 1.0.1.30, R6100 to 1.0.1.20, R7500 to 1.0.0.118, R7500v2 to 1.0.3.24, R9000 to 1.0.2.52, WNDR3700v4 to 1.0.2.96, WNDR4300 to 1.0.2.98, WNDR4300v2 to 1.0.0.50, WNDR4500v3 to 1.0.0.50, and WNR2000v5 to 1.0.0.62 [1]. The advisory provides step-by-step instructions for downloading and installing the latest firmware. No workarounds are listed; updating is the only recommended mitigation.

References
  1. Security Advisory for Pre-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2017-2481

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.