A vulnerability was identified in Netgear Products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Impact
- Remote Code Execution
System / Technologies affected
- EX3700 running firmware versions prior to 1.0.0.94
- EX3800 running firmware versions prior to 1.0.0.94
- EX6120 running firmware versions prior to 1.0.0.66
- EX6130 running firmware versions prior to 1.0.0.66
- R6400 running firmware versions prior to 1.0.1.76
- R6400v2 running firmware versions prior to 1.0.4.120
- R6700v3 running firmware versions prior to 1.0.4.120
- R6900P running firmware versions prior to 1.3.3.142_HOTFIX
- R7000 running firmware versions prior to 1.0.11.128
- R7000P running firmware versions prior to 1.3.3.142_HOTFIX
- R7100LG running firmware versions prior to 1.0.0.72
- R7850 running firmware versions prior to 1.0.5.76
- R7900P running firmware versions prior to 1.4.2.84
- R7960P running firmware versions prior to 1.4.2.84
- R8000 running firmware versions prior to 1.0.4.76
- R8000P running firmware versions prior to 1.4.2.84
- R8300 running firmware versions prior to 1.0.2.156
- R8500 running firmware versions prior to 1.0.2.156
- RAX15 running firmware versions prior to 1.0.4.100
- RAX20 running firmware versions prior to 1.0.4.100
- RAX200 running firmware versions prior to 1.0.5.132
- RAX35v2 running firmware versions prior to 1.0.4.100
- RAX38v2 running firmware versions prior to 1.0.4.100
- RAX40v2 running firmware versions prior to 1.0.4.100
- RAX42 running firmware versions prior to 1.0.4.100
- RAX43 running firmware versions prior to 1.0.4.100
- RAX45 running firmware versions prior to 1.0.4.100
- RAX48 running firmware versions prior to 1.0.4.100
- RAX50 running firmware versions prior to 1.0.4.100
- RAX50S running firmware versions prior to 1.0.4.100
- RAX75 running firmware versions prior to 1.0.5.132
- RAX80 running firmware versions prior to 1.0.5.132
- RAXE450 running firmware versions prior to 1.0.8.70
- RAXE500 running firmware versions prior to 1.0.8.70
- RS400 running firmware versions prior to 1.5.1.80
- WNDR3400v3 running firmware versions prior to 1.0.1.42
- WNR3500Lv2 running firmware versions prior to 1.2.0.70
- XR300 running firmware versions prior to 1.0.3.68
- D6220 running firmware versions prior to 1.0.0.76
- D6400 running firmware versions prior to 1.0.0.108
- D7000v2 running firmware versions prior to 1.0.0.76
- DGN2200v4 running firmware versions prior to 1.0.0.126
- DC112A running firmware versions prior to 1.0.0.62
- CAX80 running firmware versions prior to 2.1.3.5
Solutions
Before installation of the software, please visit the vendor's web-site for more details.
- Apply fixes issued by the vendor:
- Upgrade EX3700 firmware to version 1.0.0.94
- Upgrade EX3800 firmware to version 1.0.0.94
- Upgrade EX6120 firmware to version 1.0.0.66
- Upgrade EX6130 firmware to version 1.0.0.66
- Upgrade R6400 firmware to version 1.0.1.76
- Upgrade R6400v2 firmware to version 1.0.4.120
- Upgrade R6700v3 firmware to version 1.0.4.120
- Upgrade R6900P firmware to version 1.3.3.142_HOTFIX
- Upgrade R7000 firmware to version 1.0.11.128
- Upgrade R7000P firmware to version 1.3.3.142_HOTFIX
- Upgrade R7100LG firmware to version 1.0.0.72
- Upgrade R7850 firmware to version 1.0.5.76
- Upgrade R7900P firmware to version 1.4.2.84
- Upgrade R7960P firmware to version 1.4.2.84
- Upgrade R8000 firmware to version 1.0.4.76
- Upgrade R8000P firmware to version 1.4.2.84
- Upgrade R8300 firmware to version 1.0.2.156
- Upgrade R8500 firmware to version 1.0.2.156
- Upgrade RAX15 firmware to version 1.0.4.100
- Upgrade RAX20 firmware to version 1.0.4.100
- Upgrade RAX200 firmware to version 1.0.5.132
- Upgrade RAX35v2 firmware to version 1.0.4.100
- Upgrade RAX38v2 firmware to version 1.0.4.100
- Upgrade RAX40v2 firmware to version 1.0.4.100
- Upgrade RAX42 firmware to version 1.0.4.100
- Upgrade RAX43 firmware to version 1.0.4.100
- Upgrade RAX45 firmware to version 1.0.4.100
- Upgrade RAX48 firmware to version 1.0.4.100
- Upgrade RAX50 firmware to version 1.0.4.100
- Upgrade RAX50S firmware to version 1.0.4.100
- Upgrade RAX75 firmware to version 1.0.5.132
- Upgrade RAX80 firmware to version 1.0.5.132
- Upgrade RAXE450 firmware to version 1.0.8.70
- Upgrade RAXE500 firmware to version 1.0.8.70
- Upgrade RS400 firmware to version 1.5.1.80
- Upgrade WNDR3400v3 firmware to version 1.0.1.42
- Upgrade WNR3500Lv2 firmware to version 1.2.0.70
- Upgrade XR300 firmware to version 1.0.3.68
- Upgrade D6220 firmware to version 1.0.0.76
- Upgrade D6400 firmware to version 1.0.0.108
- Upgrade D7000v2 firmware to version 1.0.0.76
- Upgrade DGN2200v4 firmware to version 1.0.0.126
- Upgrade DC112A firmware to version 1.0.0.62
- Upgrade CAX80 firmware to version 2.1.3.5
- https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168#
[ad_2]
Source link
Is your business effected by Cyber Crime?
If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Digitpol can assist with all stages of cyber related incidents.
Contact Digitpol’s hotlines or respond to us online.
ASIA +85239733884
Europe +31558448040
UK +44 20 8089 9944