CVE-2022-48322
Description
NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR Nighthawk devices are vulnerable to a pre-authentication stack-based buffer overflow that can lead to code execution.
Vulnerability
A stack-based buffer overflow vulnerability exists in the pre-authentication code path of several NETGEAR Nighthawk WiFi Mesh systems and routers. The affected models include MR60, MS60 (both before firmware version 1.1.7.132), R6900P and R7000P (both before 1.3.3.154), and R7960P and R8000P (both before 1.4.4.94). No authentication is required to reach the vulnerable code path [1].
Exploitation
An unauthenticated attacker with network access to the affected device can send a crafted request to trigger the stack-based buffer overflow. The vulnerability is pre-authentication, meaning no valid credentials or prior session are required. The CVSS vector indicates user interaction is required (UI:R), such as clicking a malicious link, although the exact interaction context depends on the specific service exposed [1].
Impact
Successful exploitation allows the attacker to execute arbitrary code in the context of the device's firmware. The CVSS v3.0 score is 7.6 (High) with the vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating complete compromise of confidentiality, integrity, and availability. The attack is limited to the affected device (scope unchanged) [1].
Mitigation
NETGEAR has released fixed firmware versions: MR60 and MS60 must be updated to version 1.1.7.132; R6900P and R7000P to version 1.3.3.154; R7960P and R8000P to version 1.4.4.94. No workarounds are available [1]. Users should download and install the latest firmware from the NETGEAR Support portal. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- NETGEAR/Nighthawk WiFi Mesh systems and routers (source: description)
Patches
No patches discovered yet.
References