CVE-2018-21224
Description
Certain NETGEAR devices are affected by a buffer overflow that an unauthenticated attacker can trigger. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A pre-authentication buffer overflow in multiple NETGEAR routers and gateways allows an unauthenticated attacker on the local network to execute arbitrary code.
Vulnerability
A pre-authentication buffer overflow vulnerability exists in the firmware of several NETGEAR router and gateway models. The flaw can be triggered without authentication and affects the following devices running versions prior to the indicated fixed releases: D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62 [1].
Exploitation
An attacker with network access to the affected device (adjacent network, per the CVSS vector) can exploit this vulnerability without any prior authentication or user interaction. The attack complexity is low, and the attacker can send specially crafted network traffic to trigger the buffer overflow [1].
Impact
Successful exploitation allows the attacker to achieve arbitrary code execution on the device, potentially leading to full compromise of the router or gateway. This can result in high confidentiality, integrity, and availability impacts, including data exfiltration, device takeover, or denial of service [1].
Mitigation
NETGEAR has released firmware updates that fix this vulnerability. Users should upgrade to the latest firmware version for their specific device model as listed above. The fixed versions are available from the NETGEAR Support website. No workarounds are provided; upgrading is the only recommended mitigation [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- NETGEAR/NETGEAR devices
Patches
No patches discovered yet.
References