Vulnerabilities > CVE-2022-46423 - Unspecified vulnerability in Netgear Wnr2000 Firmware

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

high complexity

netgear

NVD

Published: 2022-12-20

Updated: 2023-11-07

Summary

An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v1.2.3.7 and earlier.

Vulnerable Configurations

Part	Description	Count
OS	Netgear Netgear Wnr2000 Firmware 1.0.0.42 Netgear Wnr2000 Firmware 1.0.0.48 Netgear Wnr2000 Firmware 1.0.0.58 Netgear Wnr2000 Firmware 1.0.0.62 Netgear Wnr2000 Firmware 1.0.0.64 Netgear Wnr2000 Firmware 1.0.0.66 Netgear Wnr2000 Firmware 1.0.0.68 Netgear Wnr2000 Firmware 1.0.0.70 Netgear Wnr2000 Firmware 1.2.0.8 Netgear Wnr2000 Firmware 1.2.3.7	10
Hardware	Netgear Netgear Wnr2000 1.0	1

Summary

Vulnerable Configurations

References