CVE-2021-45604
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A stack-based buffer overflow in multiple NETGEAR devices allows an authenticated attacker to cause a denial of service or potentially execute arbitrary code.
Vulnerability
A stack-based buffer overflow vulnerability exists in the firmware of numerous NETGEAR routers and WiFi systems. Affected models and minimum patched versions include: CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62, MR60, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P, R7000P before 1.3.3.140, R7000 before 1.0.11.116, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P, R7960P, R8000P before 1.4.2.84, R8000 before 1.0.4.68, RAX15, RAX20, RAX35v2, RAX40v2, RAX43, RAX45, RAX50 before 1.0.3.96, RAX200, RAX75, RAX80 before 1.0.4.120, RBK752, RBK852, RBR750, RBR850, RBS750, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58 [1]. The vulnerability is reachable only after successful authentication to the device's management interface [1].
Exploitation
An attacker must first authenticate to the affected NETGEAR device, typically through the web-based admin interface. After authentication, the attacker can send a specially crafted request that triggers a stack-based buffer overflow in the firmware. The exact endpoint or parameter is not publicly disclosed, but the overflow is exploitable post-authentication [1].
Impact
Successful exploitation could allow the authenticated attacker to cause a denial of service (device crash or hang) or potentially achieve arbitrary code execution on the device. The impact is limited to attackers who already possess valid administrative credentials [1].
Mitigation
NETGEAR has released firmware fixes for all affected models. The fixed versions are listed in the advisory [1]. Users should update their device firmware to the specified patched version or later through the device's web interface or the NETGEAR support page. There are no known workarounds other than applying the patch [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
NETGEAR/NETGEAR devices