CVE-2022-44200

Vulnerability

A buffer overflow vulnerability exists in the stamode_dns1_pri and stamode_dns1_sec parameters of the Netgear R7000P router. Affected firmware versions are V1.3.0.8 and V1.3.1.64. The vulnerability is triggered when the router processes specially crafted input for these parameters, causing a buffer overflow condition.

Exploitation

An attacker can exploit this vulnerability by sending a crafted request to the router, likely through the web interface or an internal network. The attacker does not require prior authentication, as the parameter handling may be exposed via a pre-authentication endpoint. The exact sequence involves providing an overly long string for either stamode_dns1_pri or stamode_dns1_sec to overflow the buffer.

Impact

Successful exploitation allows the attacker to cause a denial of service (router crash) and potentially execute arbitrary code on the device. Given the router's role, this could lead to compromise of network traffic, device control, and further lateral movement within the network. The attacker gains privileged code execution at the kernel or system level.

Mitigation

Netgear has not yet released a firmware update to address this vulnerability as of the publication date. Users should monitor the vendor's security advisory page [1] for upcoming patches. If no fix is available, affected devices should be isolated from untrusted networks or mitigate exposure by limiting access to the administrative interface.