Vulnerabilities > CVE-2020-35799 - Out-of-bounds Write vulnerability in Netgear products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

netgear

CWE-787

NVD

Published: 2020-12-30

Updated: 2021-01-04

Summary

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.

Vulnerable Configurations

Part	Description	Count
OS	Netgear Netgear D3600 Firmware - Netgear D3600 Firmware 1.0.0.49 Netgear D3600 Firmware 1.0.0.61 Netgear D3600 Firmware 1.0.0.67 Netgear D3600 Firmware 1.0.0.68 Netgear D3600 Firmware 1.0.0.72 Netgear D3600 Firmware _1.0.0.49 Netgear D6000 Firmware - Netgear D6000 Firmware 1.0.0.49 Netgear D6000 Firmware 1.0.0.61 Netgear D6000 Firmware 1.0.0.67 Netgear D6000 Firmware 1.0.0.68 Netgear D6000 Firmware 1.0.0.72 Netgear D6000 Firmware 1.0.0.76 Netgear D6200 Firmware 1.1.00.24 Netgear D6200 Firmware 1.1.00.28 Netgear D6200 Firmware 1.1.00.30 Netgear D7000 Firmware - Netgear D7000 Firmware 1.0.0.38 Netgear D7000 Firmware 1.0.0.44 Netgear D7000 Firmware 1.0.0.51 Netgear D7000 Firmware 1.0.0.52 Netgear D7000 Firmware 1.0.0.53 Netgear D7000 Firmware 1.0.0.74 Netgear D7000 Firmware 1.0.1.50 Netgear D7000 Firmware 1.0.1.52 Netgear D7000 Firmware 1.0.1.60 Netgear D7000 Firmware 1.0.1.66 Netgear D7800 Firmware 1.0.1.22 Netgear D7800 Firmware 1.0.1.24 Netgear D7800 Firmware 1.0.1.28 Netgear D7800 Firmware 1.0.1.30 Netgear D7800 Firmware 1.0.1.31 Netgear D7800 Firmware 1.0.1.34 Netgear D7800 Firmware 1.0.1.40 Netgear D7800 Firmware 1.0.1.42 Netgear D7800 Firmware 1.0.1.44 Netgear D7800 Firmware 1.0.1.47 Netgear Dm200 Firmware 1.0.0.50 Netgear Dm200 Firmware 1.0.0.52 Netgear Dm200 Firmware 1.0.0.58 Netgear Ex2700 Firmware - Netgear Ex2700 Firmware 1.0.1.28 Netgear Ex2700 Firmware 1.0.1.32 Netgear Ex2700 Firmware 1.0.1.42 Netgear Ex2700 Firmware 1.0.1.48 Netgear Ex6100V2 Firmware * Netgear Ex6150V2 Firmware * Netgear Ex6200V2 Firmware * Netgear Ex6400 Firmware 1.0.1.60 Netgear Ex6400 Firmware 1.0.1.72 Netgear Ex6400 Firmware 1.0.1.78 Netgear Ex6400 Firmware 1.0.2.136 Netgear Ex7300 Firmware - Netgear Ex7300 Firmware 1.0.1 Netgear Ex7300 Firmware 1.0.1.60 Netgear Ex7300 Firmware 1.0.1.62 Netgear Ex7300 Firmware 1.0.1.72 Netgear Ex7300 Firmware 1.0.1.78 Netgear Ex7300 Firmware 1.0.2.136 Netgear Ex8000 Firmware 1.0.0.102 Netgear Ex8000 Firmware 1.0.0.114 Netgear Ex8000 Firmware 1.0.0.118 Netgear Ex8000 Firmware 1.0.1.180 Netgear Jr6150 Firmware 1.0.0.17 Netgear Jr6150 Firmware 1.0.1.7 Netgear Jr6150 Firmware 1.0.1.10 Netgear Jr6150 Firmware 1.0.1.12 Netgear Jr6150 Firmware 1.0.1.14 Netgear Jr6150 Firmware 1.0.1.16 Netgear Pr2000 Firmware - Netgear Pr2000 Firmware 1.0.0.17 Netgear Pr2000 Firmware 1.0.0.18 Netgear Pr2000 Firmware 1.0.0.20 Netgear Pr2000 Firmware 1.0.0.22 Netgear Pr2000 Firmware 1.0.0.24 Netgear R6020 Firmware 1.0.0.26 Netgear R6020 Firmware 1.0.0.30 Netgear R6020 Firmware 1.0.0.34 Netgear R6050 Firmware 1.0.0.86 Netgear R6050 Firmware 1.0.1.7 Netgear R6050 Firmware 1.0.1.10 Netgear R6050 Firmware 1.0.1.10J Netgear R6050 Firmware 1.0.1.12 Netgear R6050 Firmware 1.0.1.14 Netgear R6050 Firmware 1.0.1.16 Netgear R6080 Firmware 1.0.0.26 Netgear R6080 Firmware 1.0.0.30 Netgear R6080 Firmware 1.0.0.34 Netgear R6120 Firmware - Netgear R6120 Firmware 1.0.0.30 Netgear R6120 Firmware 1.0.0.36 Netgear R6120 Firmware 1.0.0.40 Netgear R6120 Firmware 1.0.0.42 Netgear R6120 Firmware 1.0.0.44 Netgear R6220 Firmware - Netgear R6220 Firmware 1.1.0.46 Netgear R6220 Firmware 1.1.0.50 Netgear R6220 Firmware 1.1.0.60 Netgear R6220 Firmware 1.1.0.64 Netgear R6220 Firmware 1.1.0.66 Netgear R6220 Firmware 1.1.0.68 Netgear R6230 Firmware * Netgear R6260 Firmware * Netgear R6700V2 Firmware * Netgear R6800 Firmware - Netgear R6800 Firmware 1.0.1.10 Netgear R6800 Firmware 1.1.0.38 Netgear R6800 Firmware 1.1.0.42 Netgear R6800 Firmware 1.2.0.2 Netgear R6800 Firmware 1.2.0.4 Netgear R6800 Firmware 1.2.0.12 Netgear R6800 Firmware 1.2.0.14 Netgear R6800 Firmware 1.2.0.16 Netgear R6800 Firmware 1.2.0.24 Netgear R6900V2 Firmware * Netgear R7500V2 Firmware * Netgear R7800 Firmware - Netgear R7800 Firmware 1.0.1.30 Netgear R7800 Firmware 1.0.2.16 Netgear R7800 Firmware 1.0.2.28 Netgear R7800 Firmware 1.0.2.30 Netgear R7800 Firmware 1.0.2.32 Netgear R7800 Firmware 1.0.2.36 Netgear R7800 Firmware 1.0.2.38 Netgear R7800 Firmware 1.0.2.40 Netgear R7800 Firmware 1.0.2.42 Netgear R7800 Firmware 1.0.2.44 Netgear R7800 Firmware 1.0.2.46 Netgear R7800 Firmware 1.0.2.58 Netgear R7800 Firmware 1.0.2.60 Netgear R8900 Firmware - Netgear R8900 Firmware 1.0.2.60 Netgear R8900 Firmware 1.0.3.6 Netgear R8900 Firmware 1.0.3.10 Netgear R8900 Firmware 1.0.4.2 Netgear R9000 Firmware - Netgear R9000 Firmware 1.0.2.4 Netgear R9000 Firmware 1.0.2.30 Netgear R9000 Firmware 1.0.2.40 Netgear R9000 Firmware 1.0.2.52 Netgear R9000 Firmware 1.0.3.6 Netgear R9000 Firmware 1.0.3.10 Netgear R9000 Firmware 1.0.3.16 Netgear R9000 Firmware 1.0.4.2 Netgear R9000 Firmware 1.0.4.8 Netgear Rbk20 Firmware 2.3.0.22 Netgear Rbr20 Firmware - Netgear Rbr20 Firmware 2.3.0.22 Netgear Rbs20 Firmware 2.3.0.22 Netgear Rbk40 Firmware 2.3.0.22 Netgear Rbr40 Firmware * Netgear Rbs40 Firmware 2.3.0.22 Netgear Rbk50 Firmware 2.3.0.22 Netgear Rbr50 Firmware 2.3.0.22 Netgear Rbs50 Firmware 2.3.0.22 Netgear Wn2000Rptv3 Firmware * Netgear Wn3000Rpv2 Firmware * Netgear Wn3000Rpv3 Firmware * Netgear Wn3100Rpv2 Firmware * Netgear Wnr2000V5 Firmware * Netgear Wnr2020 Firmware 1.1.0.40 Netgear Wnr2020 Firmware 1.1.0.42 Netgear Wnr2020 Firmware 1.1.0.44 Netgear Wnr2020 Firmware 1.1.0.46 Netgear Wnr2020 Firmware 1.1.0.48 Netgear Wnr2020 Firmware 1.1.0.50 Netgear Wnr2020 Firmware 1.1.0.54 Netgear Xr450 Firmware 2.3.2.32 Netgear Xr500 Firmware 2.3.2.32	170
Hardware	Netgear Netgear D3600 - Netgear D6000 - Netgear D6200 - Netgear D7000 - Netgear D7800 - Netgear Dm200 - Netgear Ex2700 - Netgear Ex6100V2 - Netgear Ex6150V2 - Netgear Ex6200V2 - Netgear Ex6400 - Netgear Ex7300 - Netgear Ex8000 - Netgear Jr6150 - Netgear Pr2000 - Netgear R6020 - Netgear R6050 - Netgear R6080 - Netgear R6120 - Netgear R6220 - Netgear R6230 - Netgear R6260 - Netgear R6700V2 - Netgear R6800 - Netgear R6900V2 - Netgear R7500V2 - Netgear R7800 - Netgear R8900 - Netgear R9000 - Netgear Rbk20 - Netgear Rbr20 - Netgear Rbs20 - Netgear Rbk40 - Netgear Rbr40 - Netgear Rbs40 - Netgear Rbk50 - Netgear Rbr50 - Netgear Rbs50 - Netgear Wn2000Rptv3 - Netgear Wn3000Rpv2 - Netgear Wn3000Rpv3 - Netgear Wn3100Rpv2 - Netgear Wnr2000V5 - Netgear Wnr2020 - Netgear Xr450 - Netgear Xr500 -	46

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296