CVE-2019-20751

16.04.2020, 21:15

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, DM200 before 1.0.0.61, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.26, R9000 before 1.0.4.26, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.66, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.8 MEDIUM	ADJACENT_NETWORK	LOW	HIGH	CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	6.8 MEDIUM	ADJACENT_NETWORK	LOW	HIGH	CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 56%

Vendor	Product	Version
netgear	d6100_firmware	𝑥 < 1.0.0.60
netgear	dm200_firmware	𝑥 < 1.0.0.61
netgear	ex2700_firmware	𝑥 < 1.0.1.48
netgear	ex6100_firmware	𝑥 < 1.0.1.76
netgear	ex6150_firmware	𝑥 < 1.0.1.76
netgear	ex6200_firmware	𝑥 < 1.0.1.72
netgear	ex8000_firmware	𝑥 < 1.0.1.180
netgear	r7800_firmware	𝑥 < 1.0.2.52
netgear	r8900_firmware	𝑥 < 1.0.4.26
netgear	r9000_firmware	𝑥 < 1.0.4.26
netgear	wn2000rpt_firmware	𝑥 < 1.0.1.32
netgear	wn3000rp_firmware	𝑥 < 1.0.0.68
netgear	wn3000rp_firmware	𝑥 < 1.0.2.70
netgear	wn3100rp_firmware	𝑥 < 1.0.0.66
netgear	wndr4300_firmware	𝑥 < 1.0.0.58
netgear	wndr4500_firmware	𝑥 < 1.0.0.58
netgear	wnr2000_firmware	𝑥 < 1.0.0.68

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-787 - Out-of-bounds Write
The software writes data past the end, or before the beginning, of the intended buffer.

References

https://kb.netgear.com/000060964/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Extenders-Gateways-and-Routers-PSV-2018-0171